urlscan.io logo urlscan.io
SecurityTrails logo

www.reviewjournal.com Open in urlscan Pro
192.0.66.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2...
Effective URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-highe...
Submission: On April 09 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 9 countries across 99 domains to perform 419 HTTP transactions. The main IP is 192.0.66.2, located in United States and belongs to AUTOMATTIC, US. The main domain is www.reviewjournal.com.
TLS certificate: Issued by R3 on February 19th 2021. Valid for: 3 months.
This is the only time www.reviewjournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.254 209242 (CLOUDFLAR...)
16 192.0.66.2 2635 (AUTOMATTIC)
7 2a00:1450:400... 15169 (GOOGLE)
17 142.250.185.66 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
1 13.225.74.65 16509 (AMAZON-02)
7 2a04:4e42:1b:... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 89.187.169.26 60068 (CDN77 (^_^)/)
1 2.18.234.163 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
8 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
2 2a03:2880:f03... 32934 (FACEBOOK)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.18.12.242 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 169.50.137.179 36351 (SOFTLAYER)
1 34.253.179.128 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:209... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 54.245.234.104 16509 (AMAZON-02)
6 151.139.128.11 20446 (HIGHWINDS3)
14 2606:2800:233... 15133 (EDGECAST)
1 2a04:4e42:400... 54113 (FASTLY)
1 104.244.42.133 13414 (TWITTER)
3 52.52.67.9 16509 (AMAZON-02)
6 2a03:2880:f13... 32934 (FACEBOOK)
1 35.201.125.192 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
1 13.224.194.178 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.131 13414 (TWITTER)
1 34.120.133.55 15169 (GOOGLE)
3 4 52.17.69.36 16509 (AMAZON-02)
1 151.101.194.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
3 213.19.162.61 3356 (LEVEL3)
5 10 35.244.159.8 15169 (GOOGLE)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 7 185.33.221.88 29990 (ASN-APPNEX)
3 52.45.248.59 14618 (AMAZON-AES)
5 2606:2800:233... 15133 (EDGECAST)
2 184.31.84.150 20940 (AKAMAI-ASN1)
19 54.230.183.21 16509 (AMAZON-02)
7 34.252.219.109 16509 (AMAZON-02)
62 2a00:1450:400... 15169 (GOOGLE)
2 13.85.16.224 8075 (MICROSOFT...)
2 54.230.182.154 16509 (AMAZON-02)
1 52.217.37.228 16509 (AMAZON-02)
4 35.244.221.19 15169 (GOOGLE)
2 2.18.235.40 16625 (AKAMAI-AS)
4 151.101.14.217 54113 (FASTLY)
4 2600:9000:21f... 16509 (AMAZON-02)
7 54.166.210.103 14618 (AMAZON-AES)
1 104.26.4.15 13335 (CLOUDFLAR...)
3 151.101.1.194 54113 (FASTLY)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 3.141.126.26 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
9 54.195.68.175 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 34.241.178.179 16509 (AMAZON-02)
1 54.230.180.67 16509 (AMAZON-02)
1 18 34.255.212.202 16509 (AMAZON-02)
4 2.18.233.180 16625 (AKAMAI-AS)
2 18.195.155.181 16509 (AMAZON-02)
2 2 18.184.153.186 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 35.227.252.103 15169 (GOOGLE)
2 2 198.148.27.139 19189 (PULSEPOINT)
5 6 213.19.147.151 26120 (RHYTHMONE)
1 178.162.133.149 60781 (LEASEWEB-...)
5 6 185.94.180.125 35220 (SPOTX-AMS)
1 3 2600:1f18:612... 14618 (AMAZON-AES)
2 2 18.157.239.120 16509 (AMAZON-02)
1 52.51.3.86 16509 (AMAZON-02)
3 3 52.58.45.227 16509 (AMAZON-02)
2 2 185.29.132.68 30419 (MEDIAMATH...)
5 6 70.42.32.95 22075 (AS-OUTBRAIN)
1 1 54.205.191.176 14618 (AMAZON-AES)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 34.192.170.233 14618 (AMAZON-AES)
1 193.122.130.38 31898 (ORACLE-BM...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 18.185.208.29 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
7 8 172.217.23.98 15169 (GOOGLE)
1 1 124.146.215.45 2514 (INFOSPHER...)
1 1 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 4 2a00:1450:400... 15169 (GOOGLE)
2 3 185.64.189.216 62713 (AS-PUBMATIC)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
1 35.244.153.179 15169 (GOOGLE)
1 35.190.5.192 15169 (GOOGLE)
1 34.95.105.148 15169 (GOOGLE)
1 52.17.165.163 16509 (AMAZON-02)
16 22 169.50.137.190 36351 (SOFTLAYER)
1 2 35.227.248.159 15169 (GOOGLE)
1 1 52.28.42.15 16509 (AMAZON-02)
1 1 3.125.244.14 16509 (AMAZON-02)
2 52.222.179.75 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 54.78.254.47 16509 (AMAZON-02)
1 34.192.117.147 14618 (AMAZON-AES)
1 23.79.152.128 16625 (AKAMAI-AS)
1 2 52.48.248.240 16509 (AMAZON-02)
1 2 72.251.249.14 29791 (VOXEL-DOT...)
1 35.244.174.68 15169 (GOOGLE)
1 1 142.250.186.66 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
2 51.107.59.180 8075 (MICROSOFT...)
2 34.194.161.83 14618 (AMAZON-AES)
2 54.209.204.79 14618 (AMAZON-AES)
419 109
2    199.60.103.254 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
info.silobreaker.com
16    192.0.66.2 (United States)

ASN2635 (AUTOMATTIC, US)
www.reviewjournal.com
7    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
17    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum.casalemedia.com
1    13.225.74.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-65.fra2.r.cloudfront.net
media.reviewjournal.com
7    2a04:4e42:1b::393 (United States)

ASN54113 (FASTLY, US)
res.cloudinary.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
13    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    89.187.169.26 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-26.cdn77.com
cdn.rawgit.com
1    2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
1    2a00:1450:4001:80e::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
8    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f03f:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)
rum-static.pingdom.net
1    104.18.12.242 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
1    2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
2    169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
tag.simpli.fi
i.simpli.fi
1    34.253.179.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
insight.adsrvr.org
5    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2600:9000:2093:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    54.245.234.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
aamcf.aamsitecertifier.com
6    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
14    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
cdn.ayc0zsm69431gfebd.xyz
cdn.mg2connext.com
1    2a04:4e42:400::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
3    52.52.67.9 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-67-9.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
6    2a03:2880:f13f:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.201.125.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.bc0a.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
js.matheranalytics.com
1    13.224.194.178 (United States)

ASN16509 (AMAZON-02, US)
d1z2jf7jlzjs58.cloudfront.net
8    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
www.googletagservices.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
13    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
4    52.17.69.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-69-36.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
cdn.includemodal.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
spreadsheets.google.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    213.19.162.61 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
10    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
didna-d.openx.net
us-u.openx.net
eu-u.openx.net
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    52.45.248.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
ssc.33across.com
5    2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)
adserver-us.adtech.advertising.com
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
19    54.230.183.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-21.ham50.r.cloudfront.net
fuel-streaming-prod01.fuelmedia.io
7    34.252.219.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trends.revcontent.com
62    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-review-journal-proxy-connext.azurewebsites.net
2    54.230.182.154 (United States)

ASN16509 (AMAZON-02, US)
d1wa9546y9kg0n.cloudfront.net
1    52.217.37.228 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
paywall-ad-bucket.s3.amazonaws.com
4    35.244.221.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
api.mg2insights.com
2    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
4    151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
app.launchdarkly.com
4    2600:9000:21f3:5e00:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)
d2s8wlbatk24s7.cloudfront.net
7    54.166.210.103 (United States)

ASN14618 (AMAZON-AES, US)
www.i.matheranalytics.com
1    104.26.4.15 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
3    151.101.1.194 (United States)

ASN54113 (FASTLY, US)
includemodal.global.ssl.fastly.net
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.se
googleads.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    3.141.126.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
includemodal.com
7    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
9    54.195.68.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.springserve.com
1    2600:9000:21f3:ba00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
1    34.241.178.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
vid.springserve.com
1    54.230.180.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-180-67.ham50.r.cloudfront.net
cdn.parsely.com
18    34.255.212.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
2    18.184.153.186 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
rtb.openx.net
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
6    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    2600:1f18:612b:4264:9a95:fbee:2d35:58d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pbs.publishers.tremorhub.com
simplifi.partners.tremorhub.com
2    18.157.239.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-239-120.eu-central-1.compute.amazonaws.com
eb2.3lift.com
1    52.51.3.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.yieldmo.com
3    52.58.45.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    185.29.132.68 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
b1sync.zemanta.com
1    54.205.191.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    34.192.170.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    18.185.208.29 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
1    124.146.215.45 (Setagaya-ku, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    35.244.153.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.153.244.35.bc.googleusercontent.com
ixf2-api.bc0a.com
1    35.190.5.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.5.190.35.bc.googleusercontent.com
cdn.b0e8.com
1    34.95.105.148 (Kansas City, United States)

ASN15169 (GOOGLE, US)
a.b0e8.com
1    52.17.165.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rum-collector-2.pingdom.net
22    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    52.28.42.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
aa.agkn.com
1    3.125.244.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    52.222.179.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-179-75.ham50.r.cloudfront.net
sync.intentiq.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    34.192.117.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.bfmio.com
1    23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
2    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p1.parsely.com
2    54.209.204.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
events.launchdarkly.com
Apex Domain
Subdomains		 Transfer
62 2mdn.net
s0.2mdn.net
786 KB
31 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
168 KB
26 googlesyndication.com
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
111 KB
24 simpli.fi
tag.simpli.fi
i.simpli.fi
um.simpli.fi
14 KB
19 fuelmedia.io
fuel-streaming-prod01.fuelmedia.io
35 MB
18 gumgum.com
rtb.gumgum.com
5 KB
17 reviewjournal.com
www.reviewjournal.com
media.reviewjournal.com
614 KB
13 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
184 KB
13 gstatic.com
fonts.gstatic.com
238 KB
12 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
image2.pubmatic.com
38 KB
12 openx.net
didna-d.openx.net
rtb.openx.net
us-u.openx.net
eu-u.openx.net
3 KB
10 springserve.com
sync.springserve.com
vid.springserve.com
6 KB
10 google.com
www.google.com
adservice.google.com
spreadsheets.google.com
4 KB
9 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
43 KB
9 googleapis.com
fonts.googleapis.com
storage.googleapis.com
gadasource.storage.googleapis.com
31 KB
8 ayc0zsm69431gfebd.xyz
cdn.ayc0zsm69431gfebd.xyz
153 KB
8 google-analytics.com
www.google-analytics.com
39 KB
7 advertising.com
adserver-us.adtech.advertising.com
pixel.advertising.com
983 B
7 adnxs.com
ib.adnxs.com
secure.adnxs.com
6 KB
7 includemodal.com
cdn.includemodal.com
includemodal.com
12 KB
7 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
76 KB
7 cloudinary.com
res.cloudinary.com
61 KB
6 spotxchange.com
sync.search.spotxchange.com
4 KB
6 launchdarkly.com
app.launchdarkly.com
events.launchdarkly.com
2 KB
6 googletagservices.com
www.googletagservices.com
208 KB
6 facebook.com
www.facebook.com
138 KB
6 google.de
www.google.de
544 B
5 outbrain.com
sync.outbrain.com
2 KB
5 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
ssum.casalemedia.com
3 KB
5 adsrvr.org
insight.adsrvr.org
match.adsrvr.org
2 KB
4 1rx.io
sync.1rx.io
2 KB
4 mg2insights.com
api.mg2insights.com
369 B
4 rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
5 KB
4 criteo.com
gum.criteo.com
mug.criteo.com
1 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 tremorhub.com
pbs.publishers.tremorhub.com
simplifi.partners.tremorhub.com
681 B
3 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
3 parsely.com
cdn.parsely.com
p1.parsely.com
23 KB
3 fastly.net
includemodal.global.ssl.fastly.net
33 KB
3 33across.com
ssc.33across.com
2 KB
3 azureedge.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
261 KB
3 google.se
adservice.google.se
2 KB
3 postrelease.com
jadserve.postrelease.com
2 KB
2 visualstudio.com
dc.services.visualstudio.com
470 B
2 lijit.com
ce.lijit.com
968 B
2 crwdcntrl.net
bcp.crwdcntrl.net
978 B
2 pro-market.net
fei.pro-market.net
879 B
2 intentiq.com
sync.intentiq.com
2 agkn.com
aa.agkn.com
d.agkn.com
966 B
2 tapad.com
pixel.tapad.com
908 B
2 b0e8.com
cdn.b0e8.com
a.b0e8.com
22 KB
2 creativecdn.com
creativecdn.com
695 B
2 everesttech.net
sync-tm.everesttech.net
623 B
2 360yield.com
ad.360yield.com
619 B
2 mathtag.com
sync.mathtag.com
1 KB
2 3lift.com
eb2.3lift.com
737 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 contextweb.com
bh.contextweb.com
781 B
2 emxdgt.com
cs.emxdgt.com
22 B
2 moatads.com
z.moatads.com
s-jsonp.moatads.com
55 KB
2 azurewebsites.net
prod-review-journal-proxy-connext.azurewebsites.net
105 KB
2 rlcdn.com
api.rlcdn.com
idsync.rlcdn.com
292 B
2 bc0a.com
cdn.bc0a.com
ixf2-api.bc0a.com
24 KB
2 msecnd.net
az416426.vo.msecnd.net
45 KB
2 pingdom.net
rum-static.pingdom.net
rum-collector-2.pingdom.net
3 KB
2 facebook.net
connect.facebook.net
93 KB
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
2 rawgit.com
cdn.rawgit.com
80 KB
2 googletagmanager.com
www.googletagmanager.com
94 KB
2 silobreaker.com
info.silobreaker.com
4 KB
1 googleadservices.com
www.googleadservices.com
310 B
1 bluekai.com
stags.bluekai.com
745 B
1 bfmio.com
sync.bfmio.com
421 B
1 exelator.com
loadm.exelator.com
324 B
1 rfihub.com
p.rfihub.com
745 B
1 socdm.com
tg.socdm.com
694 B
1 zemanta.com
b1sync.zemanta.com
281 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 stackadapt.com
sync.srv.stackadapt.com
608 B
1 yieldmo.com
ads.yieldmo.com
35 B
1 sonobi.com
sync.go.sonobi.com
513 B
1 imrworldwide.com
secure-gl.imrworldwide.com
428 B
1 db-ip.com
api-mg2.db-ip.com
948 B
1 mg2connext.com
cdn.mg2connext.com
2 KB
1 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
1 KB
1 twitter.com
analytics.twitter.com
660 B
1 t.co
t.co
448 B
1 polyfill.io
polyfill.io
554 B
1 aamsitecertifier.com
aamcf.aamsitecertifier.com
467 B
1 quantcount.com
rules.quantcount.com
1 KB
1 resonate.com
cdn.resonate.com
204 B
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 ntv.io
s.ntv.io
102 KB
1 indexww.com
js-sec.indexww.com
13 KB
0 districtm.io Failed
dmx.districtm.io Failed
419 99
Domain Requested by
62 s0.2mdn.net 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
s0.2mdn.net
22 um.simpli.fi 16 redirects
19 fuel-streaming-prod01.fuelmedia.io www.reviewjournal.com
az416426.vo.msecnd.net
fuel-streaming-prod01.fuelmedia.io
18 rtb.gumgum.com 1 redirects vid.springserve.com
www.reviewjournal.com
rtb.gumgum.com
17 securepubads.g.doubleclick.net www.reviewjournal.com
securepubads.g.doubleclick.net
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
www.googletagservices.com
az416426.vo.msecnd.net
16 www.reviewjournal.com info.silobreaker.com
www.reviewjournal.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
tpc.googlesyndication.com
13 fonts.gstatic.com fonts.googleapis.com
9 sync.springserve.com fuel-streaming-prod01.fuelmedia.io
www.reviewjournal.com
rtb.gumgum.com
8 cm.g.doubleclick.net 7 redirects rtb.gumgum.com
8 cdn.ayc0zsm69431gfebd.xyz www.reviewjournal.com
cdn.ayc0zsm69431gfebd.xyz
8 www.google-analytics.com www.googletagmanager.com
www.reviewjournal.com
az416426.vo.msecnd.net
7 pagead2.googlesyndication.com www.googletagservices.com
az416426.vo.msecnd.net
tpc.googlesyndication.com
7 www.i.matheranalytics.com www.reviewjournal.com
7 trends.revcontent.com assets.revcontent.com
7 res.cloudinary.com www.reviewjournal.com
7 fonts.googleapis.com www.reviewjournal.com
s0.2mdn.net
6 sync.search.spotxchange.com 5 redirects
6 includemodal.com 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
6 ib.adnxs.com 2 redirects media.reviewjournal.com
6 www.googletagservices.com securepubads.g.doubleclick.net
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
6 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.facebook.com www.reviewjournal.com
connect.facebook.net
www.facebook.com
6 www.google.de www.reviewjournal.com
6 www.google.com 1 redirects www.reviewjournal.com
5 us-u.openx.net 3 redirects www.reviewjournal.com
5 sync.outbrain.com 4 redirects rtb.gumgum.com
5 adserver-us.adtech.advertising.com media.reviewjournal.com
5 stats.g.doubleclick.net www.google-analytics.com
az416426.vo.msecnd.net
4 sync.1rx.io 4 redirects
4 ads.pubmatic.com vid.springserve.com
ads.pubmatic.com
rtb.gumgum.com
4 d2s8wlbatk24s7.cloudfront.net az416426.vo.msecnd.net
includemodal.global.ssl.fastly.net
4 app.launchdarkly.com fuel-streaming-prod01.fuelmedia.io
4 api.mg2insights.com g2insights-cdn.azureedge.net
4 match.adsrvr.org 3 redirects js-sec.indexww.com
3 image8.pubmatic.com 2 redirects www.reviewjournal.com
3 x.bidswitch.net 3 redirects
3 images.revcontent.com www.reviewjournal.com
3 includemodal.global.ssl.fastly.net 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
3 ssc.33across.com media.reviewjournal.com
3 hbopenbid.pubmatic.com media.reviewjournal.com
3 didna-d.openx.net media.reviewjournal.com
3 fastlane.rubiconproject.com media.reviewjournal.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.se securepubads.g.doubleclick.net
3 jadserve.postrelease.com s.ntv.io
www.reviewjournal.com
2 events.launchdarkly.com az416426.vo.msecnd.net
2 p1.parsely.com cdn.parsely.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 pixel.tapad.com 1 redirects
2 eu-u.openx.net 2 redirects
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 ad.360yield.com 2 redirects
2 sync.mathtag.com 2 redirects
2 eb2.3lift.com 2 redirects
2 pbs.publishers.tremorhub.com 1 redirects www.reviewjournal.com
2 sync.targeting.unrulymedia.com 1 redirects rtb.gumgum.com
2 bh.contextweb.com 2 redirects
2 rtb.openx.net 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 cs.emxdgt.com www.reviewjournal.com
rtb.gumgum.com
2 d1wa9546y9kg0n.cloudfront.net cdn.ayc0zsm69431gfebd.xyz
2 prod-review-journal-proxy-connext.azurewebsites.net cdn.ayc0zsm69431gfebd.xyz
2 htlb.casalemedia.com media.reviewjournal.com
2 mug.criteo.com www.reviewjournal.com
2 gum.criteo.com 1 redirects
2 js.matheranalytics.com 1 redirects www.reviewjournal.com
2 az416426.vo.msecnd.net www.reviewjournal.com
cdn.ayc0zsm69431gfebd.xyz
2 connect.facebook.net info.silobreaker.com
connect.facebook.net
2 cdn.rawgit.com www.reviewjournal.com
cdn.rawgit.com
2 www.googletagmanager.com www.reviewjournal.com
g2insights-cdn.azureedge.net
2 info.silobreaker.com 1 redirects
1 pixel.rubiconproject.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 stags.bluekai.com
1 sync.bfmio.com
1 loadm.exelator.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 rum-collector-2.pingdom.net az416426.vo.msecnd.net
1 i.simpli.fi tag.simpli.fi
1 a.b0e8.com www.reviewjournal.com
1 cdn.b0e8.com info.silobreaker.com
1 ixf2-api.bc0a.com az416426.vo.msecnd.net
1 image2.pubmatic.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 tg.socdm.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.yieldmo.com www.reviewjournal.com
1 sync.go.sonobi.com www.reviewjournal.com
1 as-sec.casalemedia.com az416426.vo.msecnd.net
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 vid.springserve.com fuel-streaming-prod01.fuelmedia.io
1 secure-gl.imrworldwide.com www.reviewjournal.com
1 s-jsonp.moatads.com info.silobreaker.com
1 cdn.revcontent.com www.reviewjournal.com
1 img.revcontent.com www.reviewjournal.com
1 api-mg2.db-ip.com cdn.ayc0zsm69431gfebd.xyz
1 cdn.mg2connext.com cdn.ayc0zsm69431gfebd.xyz
1 z.moatads.com s.ntv.io
1 paywall-ad-bucket.s3.amazonaws.com www.reviewjournal.com
1 g2insights-cdn.azureedge.net www.reviewjournal.com
1 fp-cdn.azureedge.net www.reviewjournal.com
1 spreadsheets.google.com www.reviewjournal.com
1 cdn.includemodal.com www.googletagmanager.com
1 loader-cdn.azureedge.net www.reviewjournal.com
1 api.rlcdn.com js-sec.indexww.com
1 analytics.twitter.com static.ads-twitter.com
1 pixel.wp.com www.reviewjournal.com
1 d1z2jf7jlzjs58.cloudfront.net www.reviewjournal.com
1 cdn.bc0a.com www.reviewjournal.com
1 t.co www.reviewjournal.com
1 polyfill.io www.reviewjournal.com
1 assets.revcontent.com www.reviewjournal.com
1 pixel.quantserve.com www.reviewjournal.com
1 aamcf.aamsitecertifier.com www.reviewjournal.com
1 rules.quantcount.com secure.quantserve.com
1 insight.adsrvr.org www.reviewjournal.com
1 tag.simpli.fi www.googletagmanager.com
1 gadasource.storage.googleapis.com info.silobreaker.com
1 cdn.resonate.com info.silobreaker.com
1 rum-static.pingdom.net www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 stats.wp.com www.reviewjournal.com
1 cdn.onesignal.com www.reviewjournal.com
1 storage.googleapis.com www.reviewjournal.com
1 s.ntv.io www.reviewjournal.com
1 media.reviewjournal.com www.reviewjournal.com
1 js-sec.indexww.com www.reviewjournal.com
0 dmx.districtm.io Failed media.reviewjournal.com
419 148
Subject Issuer Validity Valid
info.silobreaker.com
Cloudflare Inc ECC CA-3		 2020-06-30 -
2021-06-30		 a year crt.sh
develop.reviewjournal.com
R3		 2021-02-19 -
2021-05-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.reviewjournal.com
Amazon		 2020-12-18 -
2022-01-16		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
cdn.rawgit.com
R3		 2021-03-28 -
2021-06-26		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.pingdom.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-15 -
2022-01-15		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
aamcf.aamsitecertifier.com
Go Daddy Secure Certificate Authority - G2		 2020-07-06 -
2021-09-04		 a year crt.sh
assets.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-25 -
2022-03-26		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
cdn.bc0a.com
GTS CA 1D2		 2021-02-26 -
2021-05-27		 3 months crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google.se
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
sni22a5dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-03 -
2021-11-07		 a year crt.sh
cdn.includemodal.com
R3		 2021-03-05 -
2021-06-03		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.adtech.advertising.com
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
fuelmedia.io
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
sni1ad09gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-12-01		 2 years crt.sh
sni1ad03gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-12-01		 2 years crt.sh
sni9642gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-20 -
2022-03-22		 a year crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
api.mg2insights.com
GTS CA 1D2		 2021-03-31 -
2021-06-29		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
sni1575gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-16 -
2022-03-18		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
img.revcontent.com
R3		 2021-03-16 -
2021-06-14		 3 months crt.sh
cdn.revcontent.com
R3		 2021-03-17 -
2021-06-15		 3 months crt.sh
*.freetls.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-05 -
2022-04-06		 a year crt.sh
includemodal.com
Amazon		 2020-11-15 -
2021-12-14		 a year crt.sh
images.revcontent.com
R3		 2021-03-15 -
2021-06-13		 3 months crt.sh
*.springserve.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-28 -
2022-02-01		 a year crt.sh
*.parsely.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.yieldmo.com
Amazon		 2020-06-23 -
2021-07-23		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
ixfd-api.bc0a.com
GTS CA 1D2		 2021-03-04 -
2021-06-02		 3 months crt.sh
cdn.b0e8.com
GTS CA 1D2		 2021-02-15 -
2021-05-16		 3 months crt.sh
b0e8.com
GTS CA 1D4		 2021-04-07 -
2021-07-06		 3 months crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.intentiq.com
Amazon		 2021-04-04 -
2022-05-03		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.bfmio.com
Amazon		 2020-06-14 -
2021-07-14		 a year crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-03-24 -
2022-03-30		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-20 -
2021-04-21		 2 years crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2021-03-09 -
2022-03-09		 a year crt.sh
events.launchdarkly.com
Amazon		 2020-10-19 -
2021-11-17		 a year crt.sh

This page contains 26 frames:

Primary Page: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Frame ID: 81C1639E5C02FE194BD8F3519A5F130E
Requests: 257 HTTP requests in this frame

Frame: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7426E252F92FF36E76D20EF437959956
Requests: 8 HTTP requests in this frame

Frame: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C25EACE2EC0CECCAD2A0A23654E51AFF
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
Frame ID: 45565D7817B09C40A7A31AAF64149B0D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Frame ID: E9287A4942BB2765C915E69EF280C09D
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Frame ID: F746BC3F5B0C46373E9FF90C993D899C
Requests: 15 HTTP requests in this frame

Frame: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2EB76D30FF1BECB8F1097761FEF06977
Requests: 12 HTTP requests in this frame

Frame: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D8E34C6914BA70527D00450486CAC26
Requests: 12 HTTP requests in this frame

Frame: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C1F44324A7CEB874A39D4BC98E62598A
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Frame ID: 792F238483268AD72DBA6946BDFA59EB
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Frame ID: 330CAD87F6729E4930F478390DCD4AD4
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Frame ID: A7FFA52FA78290EBAF07A8CA1020437E
Requests: 12 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Frame ID: C1521D872F51D2D70F2C0C4E8986F360
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D
Frame ID: 39C0A6BD673DA8132D5B7763A964289B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8B55F7A7FFBC8044ACECCA3725E61674
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=8f536070-3795-4c00-9b7f-0cf5aa353051&gdpr=&gdpr_consent=
Frame ID: 711E38BF2782D0C034298D0E09BD3C00
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YHA3nAAAAh084gAJ&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
Frame ID: 1009EAF13D4538542E01DA71D020C7D9
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wOGEzYjQ3Ny02ZTc2LTRiZGQtYTYxZi0yYjkxMDgwODVkOGU=&gdpr=&gdpr_consent=
Frame ID: F92D40770928C7D8A76F7C6784744551
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 34C5A909D6E6FED7FA1BD998E91F2A9B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=af0b79bc-ef47-4a09-b899-adefd88c7f6e&t=1620558997
Frame ID: 780993B0D8F85B9A9C871C39EB11186D
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: B1F321285565E7BD9858EC9C2E1C24FE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YHA3ncCo8XMAAIerASUAAAAA
Frame ID: 9F7CD99D24468860855D1D87B5E001A6
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1871878969067474966
Frame ID: E24D1FF7AEC2315CDB7439F25E594E8F
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=pkIBs7xlCefiddjMJnPx&pi=gumgum&tc=1
Frame ID: CCA184A0613CD896580AE61678F1A958
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A515FAAC1B25EA4D4EED5AD70D6B4D4F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7E7B73BEA27C28AD134A630D749976EE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9... Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V... HTTP 307
    https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-cont... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

419
Requests

98 %
HTTPS

27 %
IPv6

99
Domains

148
Subdomains

109
IPs

9
Countries

39840 kB
Transfer

47527 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71 Page URL
  2. https://info.silobreaker.com/events/public/v1/track/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71?_ud=ed99201a-807f-4f41-bdaf-cc651c7d6458&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://js.matheranalytics.com/s/ma54884/233443800/ml.js?cb7=1561 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma54884/233443800/17/ml.br.js
Request Chain 73
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reviewjournal.com%2F&domain=www.reviewjournal.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=0BTh13x3Nzd2SGhuQ0hxZjdhUk04Y1htdERRSytiblNKRkFhNkpVeUpMT2cwWFlWa002NmdUcWUzaDNkVXhtWld0aERxMk1ScS9wd0JYRUxuNUVMTDkxbTNuWFJSVTZZSHRwcXFyWHRHU2REQU92dE4zK0VwV3FYODJlTUw0cDcvdVU2YXdmMGd4RDR0UWF4U3ZwcjE3WnFXcVNmbWJlZEVkaVJqcVZ1dGxvLytMN3hPTy9wNHBpZFpGVVF0cGxPcGhEQVQva3N2YktKZE44YmpTN3p2ZmdiT0o1eU9zOE9XUWpFUEhFdGhxWmJES2lVPXw&cppv=2
Request Chain 276
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000001&uuid=8468301418355016956
Request Chain 278
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26uuid%3D&s=184932&C=1 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000005&uuid=YHA3nHSx0sV1.zSXfbU2cwAA%261846
Request Chain 279
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e872755-9925-11eb-98c4-06101d0df3ac HTTP 302
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e872755-9925-11eb-98c4-06101d0df3ac&verify=true HTTP 302
  • https://sync.springserve.com/usersync?aid=759&uuid=y-yF6vqARE2uGfPy_2bJjjwmbFx.cCV80_~A~UP0e872755-9925-11eb-98c4-06101d0df3ac
Request Chain 280
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26uuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26uuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000008&uuid=35f6ed74-d3de-4833-a7d8-0517912b693e
Request Chain 281
  • https://bh.contextweb.com/rtset?pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000011&uuid=89tN9lRU6Nuh&ev=1&pid=561910
Request Chain 282
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1956552786 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/af0b79bc-ef47-4a09-b899-adefd88c7f6e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e634dfcb-2c14-40db-97c6-2597c3efa643-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
Request Chain 284
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0e512b6b-9925-11eb-a4c8-10d4c6b20406 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000014&uuid=0e512b32-9925-11eb-a4c8-10d4c6b20406
Request Chain 285
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26uuid%3D%5Btvid%5D
Request Chain 286
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26uuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000016&uuid=6081579686087827243
Request Chain 297
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=8468301418355016956
Request Chain 298
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D202e0319-0434-436d-bd4b-0ec5980c7912&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=8f536070-3795-4c00-9b7f-0cf5aa353051&expires=30&ssp=gumgum2&bsw_param=202e0319-0434-436d-bd4b-0ec5980c7912&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=202e0319-0434-436d-bd4b-0ec5980c7912
Request Chain 299
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&obuid=ENC(nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DnLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DnLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ&__user_check__=1&sync_id=0e5a7c95-9925-11eb-b93a-1f6fc1874606 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=0e5a7c65-9925-11eb-b93a-1f6fc1874606&obUid=nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=0e5a7c65-9925-11eb-b93a-1f6fc1874606&obUid=nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ&rdrctExp=true
Request Chain 300
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=5aecbb5a-9209-42e5-9c21-b8a17a39ad86
Request Chain 301
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-467d1417-d078-4045-528e-7bb8b1a48dba$ip$185.76.9.102
Request Chain 302
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-.8o5jiFE2pdBBNPLq7SKbqmCUahlC3dcnOZU~A
Request Chain 303
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=116e8fe5-9925-11eb-b0c5-e98da5f7f1ff
Request Chain 306
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 307
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=36dab738-6709-4fc8-99fe-436b6647d4ed
Request Chain 308
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6295553668 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/af0b79bc-ef47-4a09-b899-adefd88c7f6e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
Request Chain 309
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=pSMjDcY9hcua&ev=1&pid=558355
Request Chain 311
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=8f536070-3795-4c00-9b7f-0cf5aa353051&gdpr=&gdpr_consent=
Request Chain 312
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YHA3nAAAAh084gAJ&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
Request Chain 315
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=af0b79bc-ef47-4a09-b899-adefd88c7f6e&t=1620558997
Request Chain 317
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YHA3ncCo8XMAAIerASUAAAAA
Request Chain 318
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878969067474966
Request Chain 319
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=pkIBs7xlCefiddjMJnPx&pi=gumgum&tc=1
Request Chain 344
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODRERjBBRDItNzY5Ni00MkJDLUJGMEMtREU3MThDMDRDNEZB&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODRERjBBRDItNzY5Ni00MkJDLUJGMEMtREU3MThDMDRDNEZB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 345
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=0d3929b3-a213-40a2-b174-e3e8ed0394b5&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=0d3929b3-a213-40a2-b174-e3e8ed0394b5&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF893uS1XIGetEuuNyKVWVM&google_cver=1
Request Chain 378
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 379
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 380
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1617967006&ip=185.76.9.102&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165010903751000576680 HTTP 302
  • https://um.simpli.fi/aa_px?sk=165010903751000576680
Request Chain 382
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 385
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=EB88AA5EDF704EC0B544584DB223CE5D;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=EB88AA5EDF704EC0B544584DB223CE5D;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7604335014599805307
Request Chain 386
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EB88AA5EDF704EC0B544584DB223CE5D&j=0
Request Chain 388
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 389
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 390
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 391
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EB88AA5EDF704EC0B544584DB223CE5D&dnr=1
Request Chain 392
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 393
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1617967005838&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=nTdwYM_LN6WL7_UPsu-SqAk&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nTdwYM_LN6WL7_UPsu-SqAk&cid=CAQSKQCNIrLMa99a5Q2FVz7o5ZKLPRnhP4SSSDpOlg1TS4a4PvPhbOv0CCoM&random=2553120659 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nTdwYM_LN6WL7_UPsu-SqAk&cid=CAQSKQCNIrLMa99a5Q2FVz7o5ZKLPRnhP4SSSDpOlg1TS4a4PvPhbOv0CCoM&random=2553120659&ipr=y
Request Chain 394
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EB88AA5EDF704EC0B544584DB223CE5D&__user_check__=1&sync_id=121b2172-9925-11eb-90c0-1df4c96b0a06
Request Chain 395
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=EB88AA5EDF704EC0B544584DB223CE5D HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEB88AA5EDF704EC0B544584DB223CE5D
Request Chain 396
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EB88AA5EDF704EC0B544584DB223CE5D&expires=365
Request Chain 397
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EB88AA5EDF704EC0B544584DB223CE5D
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEFqT68IZDbuAYRLKOFd_pOk&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EB88AA5EDF704EC0B544584DB223CE5D HTTP 302
  • https://um.simpli.fi/g_match?id=

419 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn...
info.silobreaker.com/e2t/tc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
info.silobreaker.com
:scheme
https
:path
/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:31 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d5fc418b401bb49cd9da58f9a8925286d1617966991; expires=Sun, 09-May-21 11:16:31 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=4a8bf5e67f814591471bed9d4aae039e63966cb3-1617966991; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray
63d352e058f8dfd7-FRA
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0957f2203a0000dfd7c427c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qwm1pkoLYw5H0xCPPoXPn2P6k5RGT6Ok1jFtJQx%2FBcnOVDQJZXbDedxBcDM1M5vtYEqdO2HtpNKFGD5dhurf%2F%2FeKY0U4NrGBi82pOV5AZNjMRxjahQ%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
Primary Request /
www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/
Redirect Chain
  • https://info.silobreaker.com/events/public/v1/track/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20...
  • https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiA...
263 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
2df0cfe55a9f53711fe562cf7176b9230a549409ad108a675d2e998b01d39606

Request headers

:method
GET
:authority
www.reviewjournal.com
:scheme
https
:path
/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71

Response headers

server
nginx
date
Fri, 09 Apr 2021 11:16:32 GMT
content-type
text/html; charset=UTF-8
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
set-cookie
vip-go-seg=vc-v1__RJApp_--_no; expires=Sun, 09-May-2021 11:16:31 GMT; Max-Age=2592000; path=/
link
<https://www.reviewjournal.com/wp-json/>; rel="https://api.w.org/" <https://www.reviewjournal.com/wp-json/wp/v2/posts/2324885>; rel="alternate"; type="application/json" <https://wp.me/p8qdWm-9KO9>; rel=shortlink
content-encoding
gzip
x-rq
arn1 102 123 3260
age
0
x-cache
miss
accept-ranges
bytes

Redirect headers

date
Fri, 09 Apr 2021 11:16:31 GMT
location
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
cf-ray
63d352e12a26dfd7-FRA
link
<https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
0957f220be0000dfd7edb9a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OVJNlxGoccVaIOJkdntFD6CY%2FZ5uJOh8LYcNsdCM1kvfW%2B%2Fod2omTBIDi665MTJDeBU4%2Fh4YKJTDDWHcErBvbXwZIs03b5cD4leojw0gfenq7c8guA%3D%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Raleway:400,700,900
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b10b81a71765e74dd98b8552a5a02daf889d38637a65108fb42c512e5879737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://www.reviewjournal.com
Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 11:16:32 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:32 GMT
/
www.reviewjournal.com/_static/ 		282 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/_static/??-eJyNj90OgjAMhV/IrUwIhAvjoxgYU4b7Cy1B3t5NxYREjXdtzzlfW5gDk96RcgTUK6sQxoH6fSZqMLodm3GBc9RZMyv0VrGCVzwDibgZc6sdj8Md/OAhLeY/Z8IHj7QxayfN1EVbUjuNBK3x8srWM7/jg5ku2iX++6cbGt0pOCXWs/6YtBNbw4Oi0MR1NS8fF7z6FDnagyhFJfKqLos7Kip51g==
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
cb4fbcfb49280979ebc30f0deb04974948c453ebc06076484da74c1651ab3c27

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 102 242 3139
last-modified
Tue, 30 Mar 2021 20:59:26 GMT
server
nginx
age
1476
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
content-length
49883
/
www.reviewjournal.com/_static/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
328259d3a69bd234aeb53f5f5353eba32a1afadff3e12e7b3cfe5b5fb6ad908d

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 102 131 3134
last-modified
Sat, 27 Mar 2021 23:39:27 GMT
server
nginx
age
406
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
35960
layout.min.js
www.reviewjournal.com/wp-content/themes/rjth2019/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/wp-content/themes/rjth2019/js/layout.min.js?ver=20201210
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ba45337e83533a4b394ca5b432689dc0405d6bcda26fd27549cc6363f040a7ff

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 96 189 3140
last-modified
Tue, 09 Feb 2021 11:10:28 GMT
server
nginx
age
3701
etag
W/"60226da4-212d"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2868
expires
Sat, 09 Apr 2022 11:16:32 GMT
/
www.reviewjournal.com/_static/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1i/K0i8oTcrJTNbPAnF0IRy93Mw8vaxiHX3sOnIyk4oSiyr1K1KKEtOJVFuUWlwAkibW6OKczJRU/XigqyBMAvoQnijIL4ZZYp9ra2hmaGxpYGZoapQFAPFOXiI=
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9538d8bd7dcab3de7ddd6723a667aad290af9d1c6e4b29769b4edddf2939da46

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 102 131 3134
last-modified
Sat, 27 Mar 2021 23:39:26 GMT
server
nginx
age
406
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9399
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
b103806c4097038ff0178ee308be051f00c5aaebf96e25b7a76f96ac58525a93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"837 / 94 of 1000 / last-modified: 1617961166"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20341
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:32 GMT
186905-129106728116453.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Apr 2021 11:11:51 GMT
Server
Apache
ETag
"da26e7-930b-5bf883b1e11bb"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
12789
Expires
Fri, 09 Apr 2021 12:16:33 GMT
prebid-4.11.0.js
media.reviewjournal.com/media/projects/header-bidding/ 		254 KB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfe7a9764568b4ae1ef7344357abd9a96a425e321518d7604952dc6953186307

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
etag
"c1cf05d2a7156280721e708de66411d0"
age
15326
x-cache
Hit from cloudfront
content-length
259956
last-modified
Mon, 12 Oct 2020 17:58:45 GMT
server
AmazonS3
date
Fri, 09 Apr 2021 07:01:44 GMT
content-type
application/javascript
cache-control
public,max-age=2592000
x-amz-meta-version-id
null
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
OoMsBWqTgdqf-bWCz0bba5Cpg9i2A4wthGZSMMcuf0uaoI1CMtG7qQ==
expires
Wed, 11 Nov 2021 17:58:31 UTC
/
www.reviewjournal.com/_static/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/_static/??-eJxtjMsKgCAQAH+obbNI6BB9SviIWDGV1oj6+ggKOnSbOczgnsDEkKeQMfltpsC4Okyb9mTQMSoLWc08arIvQ4qcy4VC6bjA3wF4dR7go7L34+tPNyy9kKLpKina2l0VpC/W
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
550bccc6fcbe41527998fe7207ef6e5f984d4bb13f4ebafb40220fe74ad8f92c

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 103 10 3189
last-modified
Sat, 13 Feb 2021 16:57:22 GMT
server
nginx
age
406
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
9090
loader.min.js
www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 100 121 3133
last-modified
Sat, 05 Sep 2020 21:17:27 GMT
server
nginx
age
3701
etag
W/"5f540067-3e4a"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5483
expires
Sat, 09 Apr 2022 11:16:32 GMT
clear-night.png
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_40/webdev/darksky_icon/ 		230 B
630 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_40/webdev/darksky_icon/clear-night.png
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
10e8a505f91e7a4a676109b1e124e75f76771665705dfd149da89eafcdf1c5a4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="clear-night.webp"
server-timing
fastly;dur=1;start=2021-04-09T11:16:32.616Z;desc=hit,rtt;dur=5
vary
Save-Data
content-length
230
last-modified
Sat, 08 Aug 2020 02:51:07 GMT
server
Cloudinary
etag
"1bb019532bb26de40a381a7058f062ba"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/ 		412 B
762 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Holtwood+One+SC&display=swap
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJyNj90OgjAMhV/IrUwIhAvjoxgYU4b7Cy1B3t5NxYREjXdtzzlfW5gDk96RcgTUK6sQxoH6fSZqMLodm3GBc9RZMyv0VrGCVzwDibgZc6sdj8Md/OAhLeY/Z8IHj7QxayfN1EVbUjuNBK3x8srWM7/jg5ku2iX++6cbGt0pOCXWs/6YtBNbw4Oi0MR1NS8fF7z6FDnagyhFJfKqLos7Kip51g==
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75415de477057d29dc8ce932edb80f70daf44f0796a28dd76ff310bc148178e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 11:16:32 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:32 GMT
gtm.js
www.googletagmanager.com/ 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
851bbed869c3284ed59ee585f67acac0dbd9b105b2570a6d786f4ca103ef5a18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57223
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Apr 2021 11:16:32 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
fontawesome-webfont.woff2
www.reviewjournal.com/wp-content/themes/rjth2019/library/font-awesome-4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/wp-content/themes/rjth2019/library/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJyNj90OgjAMhV/IrUwIhAvjoxgYU4b7Cy1B3t5NxYREjXdtzzlfW5gDk96RcgTUK6sQxoH6fSZqMLodm3GBc9RZMyv0VrGCVzwDibgZc6sdj8Md/OAhLeY/Z8IHj7QxayfN1EVbUjuNBK3x8srWM7/jg5ku2iX++6cbGt0pOCXWs/6YtBNbw4Oi0MR1NS8fF7z6FDnagyhFJfKqLos7Kip51g==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.reviewjournal.com
Referer
https://www.reviewjournal.com/_static/??-eJyNj90OgjAMhV/IrUwIhAvjoxgYU4b7Cy1B3t5NxYREjXdtzzlfW5gDk96RcgTUK6sQxoH6fSZqMLodm3GBc9RZMyv0VrGCVzwDibgZc6sdj8Md/OAhLeY/Z8IHj7QxayfN1EVbUjuNBK3x8srWM7/jg5ku2iX++6cbGt0pOCXWs/6YtBNbw4Oi0MR1NS8fF7z6FDnagyhFJfKqLos7Kip51g==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
x-rq
arn1 96 189 3140
last-modified
Tue, 09 Feb 2021 11:10:28 GMT
server
nginx
age
1475
etag
"60226da4-12d68"
x-cache
hit
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-methods
GET, HEAD
accept-ranges
bytes
content-length
77160
expires
Sat, 09 Apr 2022 11:16:32 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Raleway:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reviewjournal.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:37:32 GMT
server
sffe
age
119610
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47272
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:03:02 GMT
rawline.css
cdn.rawgit.com/h-ibaldo/Raleway_Fixed_Numerals/master/css/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rawgit.com/h-ibaldo/Raleway_Fixed_Numerals/master/css/rawline.css
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-26.cdn77.com
Software
BunnyCDN-DE1-657 /
Resource Hash
694fd0e3ae930abffb9c48b884af84c7c3e5d37e587be0018bffe4a73bcaf009
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
657, 718, 718
access-control-allow-origin
*
cdn-cachedat
2021-04-06 08:55:24
cdn-pullzone
201235
rawgit-cache-status
BYPASS
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
server
BunnyCDN-DE1-657
cdn-requestpullcode
200
x-robots-tag
none
vary
Accept-Encoding
sunset
Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
4f289d794ca7bd3a0a781d285bec58c5
content-type
text/css;charset=utf-8
cdn-requestcountrycode
SE
cdn-requestpullsuccess
True
load.js
s.ntv.io/serve/ 		351 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b71b0d27540370e17a756c5933fa69530c00eca08f45ee357431c4ced9b7a07b

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:32 GMT
Content-Encoding
gzip
x-amz-request-id
F5FWP5WGNCXJEKMV
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
gPRd39SnLWkZMPEZ7juIQalncHRILs7Nvtz2U0koLNER46UaaFIV6RTadg6hYn/OOW2qDDUGF8g=
Last-Modified
Wed, 31 Mar 2021 22:45:08 GMT
Server
AmazonS3
ETag
"8a8b8db1174dd116a9ee658fe9cb1bad"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
pubads_impl_2021040101.js
securepubads.g.doubleclick.net/gpt/ 		286 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 01 Apr 2021 08:39:48 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103004
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:32 GMT
didna-pixel-reviewjournal.js
storage.googleapis.com/didna-files/ 		0
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/didna-files/didna-pixel-reviewjournal.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-guploader-uploadid
ABg5-Uw-nE0aawtajvWEi61xu9p9icJiT1oZH4bE5QNM-x2xDi6MJOptAcNM45Mw6ptMLL-9HYIA-Dr7ay1PMjy9LR8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
last-modified
Tue, 10 Sep 2019 23:46:33 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
x-goog-generation
1568159193516062
cache-control
no-cache
x-goog-stored-content-length
0
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 09 Apr 2022 11:16:33 GMT
wp-embed.min.js
www.reviewjournal.com/wp-includes/js/ 		1 KB
872 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.reviewjournal.com/wp-includes/js/wp-embed.min.js?m=1615321562g
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
x-rq
arn1 102 123 3260
last-modified
Tue, 09 Mar 2021 20:26:02 GMT
server
nginx
age
2635023
etag
W/"6047d9da-592"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
765
expires
Sat, 09 Apr 2022 11:16:32 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3413
etag
W/"29e3b92597e716694def18b1f85abbfb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
63d352e99e2c4e4f-FRA
cf-request-id
0957f2260000004e4fcc190000000001
expires
Mon, 12 Apr 2021 11:16:32 GMT
e-202114.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202114.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT arn
date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 27 Mar 2022 22:14:37 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
1786
date
Fri, 09 Apr 2021 10:46:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 09 Apr 2021 12:46:46 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
etag
"YoFsxqR3BwPygbSjh02Dug=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 16 Apr 2021 11:16:32 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
37508
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1617966993.042962,VS0,VE0
x-served-by
cache-hhn11575-HHN
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23784
x-fb-rlafr
0
pragma
public
x-fb-debug
zchjDGGL1Wz6hv/bpFNVktkPVIw3WtLFa/EvAERt9ZRG38cZpln0fxWpmruIsWMn/kao2Ka7Q0ZGCmNPk7rNhA==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Fri, 09 Apr 2021 11:16:32 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
x-xss-protection
0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pa-5bef16287e84eb00160004bc.js
rum-static.pingdom.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rum-static.pingdom.net/pa-5bef16287e84eb00160004bc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e0b7d512eac885e932bf5b1e6d0dda4ebbfc991e13b9dab097f582406dd1a0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Nov 2020 12:36:14 GMT
server
cloudflare
age
214
etag
W/"5fc0f2be-1889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
63d352e9fbe44e55-FRA
cf-request-id
0957f2263900004e55cc230000000001
expires
Fri, 09 Apr 2021 11:17:58 GMT
analytics.min.js
cdn.resonate.com/analytics.js/v1/200300481/ 		0
204 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200300481/analytics.min.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
vary
Accept-Encoding
server
cloudflare
cf-request-id
0957f226cf0000f3e357aef000000001
cf-ray
63d352eae98af3e3-LHR
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
aam.js
gadasource.storage.googleapis.com/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/aam.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:54:32 GMT
content-encoding
gzip
age
1320
x-guploader-uploadid
ABg5-UxCzI_3mBBF2lb02vhtWfHp0yMvRyUXzuYc4syW9a3slBYHFqim8B3BIl4dIOV8cw1v1Q2ozkRvkLt4idphfDtzLlbo1w
x-goog-storage-class
MULTI_REGIONAL
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25648
x-goog-meta-
last-modified
Mon, 01 Feb 2021 20:45:02 GMT
server
UploadServer
etag
"d01602293dda6546ca8f8ededd0e44e8"
vary
Accept-Encoding
x-goog-hash
crc32c=18H1EQ==, md5=0BYCKT3aZUbKj47e3Q5E6A==
x-goog-generation
1612212302256968
cache-control
public, max-age=3600
x-goog-stored-content-length
25648
accept-ranges
bytes
content-type
text/plain
expires
Fri, 09 Apr 2021 11:54:32 GMT
d4783370-567b-0138-6adb-06659b33d47c
tag.simpli.fi/sifitag/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/d4783370-567b-0138-6adb-06659b33d47c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
f5e0aa8c73e533f59325fdd72cce907af50cf416043c4d812a0c7ee212366200
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
3101
x-request-id
FnQsaGmgnLCmdR0C4KNE
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
/
insight.adsrvr.org/track/conv/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=zaqmr57&ct=0:ldv4c9w&fmt=3&gtmcb=900486377
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.179.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
collect
stats.g.doubleclick.net/j/ 		4 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=1098066451&gjid=257500289&_gid=1291628036.1617966993&_u=YGBAgAABAAAAAE~&z=1398603578
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 11:16:32 GMT
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=239974910&t=pageview&_s=1&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ul=en-us&de=UTF-8&dt=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1098066451&gjid=257500289&cid=1035772386.1617966993&tid=UA-77901017-1&_gid=1291628036.1617966993&gtm=2wg3v0WJQX3C&cg1=Politics%20and%20Government&cg2=Nevada&cg3=story_no_gallery&cg4=Local&cd2=article&cd3=Politics%20and%20Government&cd4=Nevada&cd5=Politics%20and%20Government%7CNevada&cd6=story_no_gallery&cd7=2021-04-08&cd9=%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F&cd11=Local&cd12=0&cd13=0&z=1195681287
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4375
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-m90B-SLYUSm_R.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-m90B-SLYUSm_R.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed941b0c87c7f1472a4b37ad701e4d9b0b76e378ba63e2ee417a060496872e2a

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:55:17 GMT
content-encoding
gzip
last-modified
Thu, 08 Nov 2018 23:48:47 GMT
server
AmazonS3
age
3549
etag
W/"f7ba721c0c9d7204ca23921d57305e7f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 bc46151b0550c2139685cbf8e4ad4762.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
4QeRPNIJdTIgOakG7_1aiogeUkfl6EJ4HcRZ69LP9oZOGcCJODYDSA==
471140030224837
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/471140030224837?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03f:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
559b31d3bc0185120c58737f353802e44bcf75835a53fca492f6a801e65baa40
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
E0CicyUutK3DLTwXHWe2Q3+NKVN4c0h2B931dr5sAZR713TGkBndeMZ4A8QHk7PSg1NvRZrWgosdUEwMKdwlzA==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 09 Apr 2021 11:16:33 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=1098066451&_u=YGBAgAABAAAAAE~&z=1457080085
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=1098066451&_u=YGBAgAABAAAAAE~&z=1457080085
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
aamcf.aamsitecertifier.com/ 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1617966993059&e=pv&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&page=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=314&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=1542342b-ff0c-49d5-846c-414505201762&dtm=1617966993057&vp=1600x1200&ds=1600x1200&vid=1&sid=6346fd8d-2219-4d02-ab7c-5eda7e97df57&duid=bf33b179-7966-4a7a-ac36-e0e774cc6fa0&fp=1468261917&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjEwMzU3NzIzODYuMTYxNzk2Njk5MyJ9fV19
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.245.234.104 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:33 GMT
Server
Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
pixel;r=1682280573;labels=title.Nevada%E2%80%99s%20coronavirus%20positivity%20rate%20continues%20to%20creep%20higher%2Ctitle.Nevada%E2%80%99s%20coronavirus%20positivity%20rate%20continues%20to%20cr...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1682280573;labels=title.Nevada%E2%80%99s%20coronavirus%20positivity%20rate%20continues%20to%20creep%20higher%2Ctitle.Nevada%E2%80%99s%20coronavirus%20positivity%20rate%20continues%20to%20creep%20higher;source=gtm;rf=0;a=p-m90B-SLYUSm_R;url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-72368857-1617966993092;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=reviewjournal.com;je=0;sr=1600x1200x24;dst=1;et=1617966993092;tzo=-120;ogl=site_name.Las%20Vegas%20Review-Journal%2Ctype.article%2Ctitle.Nevada%E2%80%99s%20coronavirus%20positivity%20rate%20continues%20to%20creep%20higher%2Curl.https%3A%2F%2Fwww%252Ereviewjournal%252Ecom%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-corona%2Cdescription.Nevada%20on%20Thursday%20reported%20386%20new%20coronavirus%20cases%20and%20five%20additional%20deaths%2Cimage.https%3A%2F%2Fwww%252Ereviewjournal%252Ecom%2Fwp-content%2Fuploads%2F2021%2F04%2F15010525_web1_CV-VACCIN%2Cimage%3Awidth.1050%2Cimage%3Aheight.700
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
banner_7at7_1200.jpg
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto/v1613425075/webdev/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto/v1613425075/webdev/banner_7at7_1200.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
683d80eb1c8b1e4f7f711d405f7f021fff5cb96104a3078b1b81f900b80eb2da
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 15 Feb 2021 21:41:57 GMT
server
Cloudinary
etag
"fe113935bf0cbaff45b89e7fefb4c600"
vary
Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;start=2021-04-09T11:16:33.104Z;desc=hit,rtt;dur=10
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
10835
play.png
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_50/v1596833868/webdev/icon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_50/v1596833868/webdev/icon/play.png
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJyNj90OgjAMhV/IrUwIhAvjoxgYU4b7Cy1B3t5NxYREjXdtzzlfW5gDk96RcgTUK6sQxoH6fSZqMLodm3GBc9RZMyv0VrGCVzwDibgZc6sdj8Md/OAhLeY/Z8IHj7QxayfN1EVbUjuNBK3x8srWM7/jg5ku2iX++6cbGt0pOCXWs/6YtBNbw4Oi0MR1NS8fF7z6FDnagyhFJfKqLos7Kip51g==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
78190b4fd2293885052093ed4c303021b101e70978a189ea5f04b6f47058a565
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="play.webp"
server-timing
fastly;dur=1;start=2021-04-09T11:16:33.109Z;desc=hit,rtt;dur=10
vary
Save-Data
content-length
1704
last-modified
Fri, 07 Aug 2020 21:01:02 GMT
server
Cloudinary
etag
"1e6d6a0183bf1c002938d0c146bc47ff"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v22/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Raleway:400,700,900
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reviewjournal.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:09:53 GMT
server
sffe
age
119611
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19300
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:03:02 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Raleway:400,700,900
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.reviewjournal.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 01:57:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:08:44 GMT
server
sffe
age
119959
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18924
x-xss-protection
0
expires
Fri, 08 Apr 2022 01:57:14 GMT
rawline-900.woff2
cdn.rawgit.com/h-ibaldo/Raleway_Fixed_Numerals/master/font/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rawgit.com/h-ibaldo/Raleway_Fixed_Numerals/master/font/rawline-900.woff2
Requested by
Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/h-ibaldo/Raleway_Fixed_Numerals/master/css/rawline.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-89-187-169-26.cdn77.com
Software
BunnyCDN-DE1-657 /
Resource Hash
f7dac64634b7e6ee44cdf906aefd5cbe19ff4ee009235d614e061dd5d0c809f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.reviewjournal.com
Referer
https://cdn.rawgit.com/h-ibaldo/Raleway_Fixed_Numerals/master/css/rawline.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
cdn-edgestorageid
657, 617
access-control-allow-origin
*
cdn-cachedat
2021-03-31 01:28:54
cdn-pullzone
201235
rawgit-cache-status
HIT
link
<https://rawgit.com/>; rel="sunset"; title="RawGit will soon shut down. Please stop using it."
server
BunnyCDN-DE1-657
cdn-requestpullcode
200
x-robots-tag
none
sunset
Tue, 01 Oct 2019 00:00:00 GMT
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=2592000
cdn-requestid
108a0e2aee00bac1e3c5e17f0fc27aaf
content-type
font/woff2
cdn-requestcountrycode
SE
cdn-requestpullsuccess
True
delivery.js
assets.revcontent.com/master/ 		340 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54bcd2321013c9f2ccbeef3881c41d044322b829fc6acb70bdfcb513311222a3

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
last-modified
Thu, 08 Apr 2021 19:06:44 GMT
server
AmazonS3
x-amz-request-id
VWV0T4AJ9ZF8A210
etag
"55d4ffa9eea20b8e559aa18b3713990f"
x-hw
1617966993.cds075.am5.hn,1617966993.cds109.am5.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
94548
x-amz-id-2
xaS6zUB3l8yMAQZgKPQ/p5Wd8L9DOOl5LDcLKXXpuGWz6wERykJbMNnA3gld+aYB/X7XlzGjy7M=
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
147
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8b85b58d-401e-0036-6931-2d6505000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 09 Apr 2021 11:46:33 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3305843
detected-user-agent
Chrome/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Mon, 01 Mar 2021 19:22:10 GMT
date
Fri, 09 Apr 2021 11:16:33 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o526x&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Fri, 09 Apr 2021 11:16:33 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
edef80fcdd4d072e207cb4a46859e7b4
x-transaction
0062236900dab4fc
expires
Tue, 31 Mar 1981 05:00:00 GMT
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
7d2fff0ab245ffd8586516e14ec0b42eaa76ce30a8bdc74744071a9c58338084

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
1016
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=471140030224837&ev=PageView&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&rl=&if=false&ts=1617966993356&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617966993352.1800708659&it=1617966993005&coo=false&rqm=GET
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 09 Apr 2021 11:16:33 GMT
be_ixf_js_sdk.js
cdn.bc0a.com/ 		52 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bc0a.com/be_ixf_js_sdk.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.125.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48bf27f30b27a2bbc0eeb40ca0440cc7432787f001d1c5aec231dd80ad64ad58

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-meta-sdk_version
1.4.6
date
Fri, 09 Apr 2021 10:59:49 GMT
content-encoding
gzip
age
1011
x-guploader-uploadid
ABg5-UwZH4ll0wGvjC5p21yQ9v-AGkGNN9NGtniSQMStmIaPj1p9-cDFgoFyRGAuRQYi7ESK6jW1BeyO3U3K7ykBstG71vVnKQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
x-goog-meta-publishingdate
2021-04-08 23:38:49
alt-svc
clear
content-length
16406
x-goog-meta-marvel_api_accounts
{"f00000000114898":{"data-customerid":"f00000000114898"},"f00000000192973":{"data-testmode":true,"data-customerid":"f00000000192973"},"f00000000063676":{"data-testmode":false,"data-cname":"images.closetworks.com","data-customerid":"f00000000063676"},"f00000000105991":{"data-testmode":true,"data-customerid":"f00000000105991"},"f00000000187147":{"data-customerid":"f00000000187147"},"f00000000205375":{"data-testmode":true,"data-customerid":"f00000000205375"},"f00000000188077":{"data-customerid":"f00000000188077"},"f00000000188074":{"data-testmode":true,"data-customerid":"f00000000188074"},"f00000000116008":{"data-customerid":"f00000000116008"},"f00000000188974":{"data-testmode":false,"data-customerid":"f00000000188974"},"f00000000115225":{"data-testmode":true,"data-customerid":"f00000000115225"},"f00000000168442":{"data-testmode":true,"data-customerid":"f00000000168442"},"f00000000114265":{"data-customerid":"f00000000114265"},"f00000000103447":{"data-testmode":true,"data-customerid":"f00000000103447"},"f00000000135469":{"data-testmode":true,"data-customerid":"f00000000135469"},"f00000000243826":{"data-testmode":true,"data-customerid":"f00000000243826"},"f00000000154990":{"data-testmode":true,"data-customerid":"f00000000154990"},"f00000000150259":{"data-testmode":true,"data-customerid":"f00000000150259"},"f00000000110071":{"data-testmode":true,"data-customerid":"f00000000110071"},"f00000000171895":{"data-testmode":true,"data-customerid":"f00000000171895"},"f00000000158179":{"data-testmode":true,"data-customerid":"f00000000158179"},"f00000000046606":{"data-testmode":true,"data-customerid":"f00000000046606"},"f00000000193489":{"data-customerid":"f00000000193489"},"f00000000154984":{"data-testmode":true,"data-customerid":"f00000000154984"},"f00000000181093":{"data-testmode":true,"data-customerid":"f00000000181093"},"f00000000188338":{"data-testmode":false,"data-customerid":"f00000000188338"},"f00000000185644":{"data-testmode":true,"data-customerid":"f00000000185644"},"f00000000041599":{"data-testmode":true,"data-customerid":"f00000000041599"},"f00000000160681":{"data-testmode":true,"data-customerid":"f00000000160681"},"f00000000192166":{"data-testmode":false,"data-customerid":"f00000000192166"},"f00000000192799":{"data-testmode":true,"data-customerid":"f00000000192799"},"f00000000146701":{"data-testmode":true,"data-customerid":"f00000000146701"},"f00000000193297":{"data-testmode":true,"data-customerid":"f00000000193297"},"f00000000191929":{"data-customerid":"f00000000191929"},"f00000000155119":{"data-customerid":"f00000000155119"},"f00000000167779":{"data-testmode":true,"data-customerid":"f00000000167779"},"f00000000184312":{"data-testmode":false,"data-customerid":"f00000000184312"},"f00000000117406":{"data-testmode":false,"data-customerid":"f00000000117406"},"f00000000137881":{"data-testmode":true,"data-customerid":"f00000000137881"},"f00000000116746":{"data-testmode":false,"data-customerid":"f00000000116746"},"f00000000141458":{"data-customerid":"f00000000141458"},"f00000000118177":{"data-customerid":"f00000000118177"},"f00000000114847":{"data-customerid":"f00000000114847"},"f00000000193300":{"data-testmode":true,"data-customerid":"f00000000193300"},"f00000000052793":{"data-testmode":true,"data-customerid":"f00000000052793"},"f00000000025882":{"data-testmode":true,"data-customerid":"f00000000025882"},"f00000000069367":{"data-testmode":false,"data-cname":"images.labelmaster.com","data-customerid":"f00000000069367"},"f00000000169417":{"data-testmode":true,"data-customerid":"f00000000169417"},"f00000000177487":{"data-testmode":true,"data-customerid":"f00000000177487"},"f00000000167977":{"data-customerid":"f00000000167977"},"f00000000114298":{"data-customerid":"f00000000114298"},"f00000000113338":{"data-testmode":false,"data-customerid":"f00000000113338"},"f00000000189529":{"data-testmode":false,"data-customerid":"f00000000189529"},"f00000000185470":{"data-testmode":false,"data-customerid":"f00000000185470"},"f00000000044220":{"data-testmode":true,"data-customerid":"f00000000044220"},"f00000000043431":{"data-testmode":false,"data-customerid":"f00000000043431"},"f00000000184714":{"data-testmode":false,"data-customerid":"f00000000184714"},"f00000000154978":{"data-testmode":true,"data-customerid":"f00000000154978"},"f00000000041735":{"data-customerid":"f00000000041735"},"f00000000114850":{"data-customerid":"f00000000114850"},"f00000000114853":{"data-customerid":"f00000000114853"},"f00000000102775":{"data-testmode":true,"data-customerid":"f00000000102775"},"f00000000120703":{"data-testmode":true,"data-customerid":"f00000000120703"},"f00000000124363":{"data-testmode":false,"data-customerid":"f00000000124363"},"f00000000190858":{"data-testmode":true,"data-customerid":"f00000000190858"},"f00000000041628":{"data-testmode":true,"data-customerid":"f00000000041628"},"f00000000154006":{"data-testmode":true,"data-customerid":"f00000000154006"},"f00000000072832":{"data-testmode":false,"data-customerid":"f00000000072832"},"f00000000119260":{"data-testmode":false,"data-customerid":"f00000000119260"},"f00000000241855":{"data-testmode":true,"data-customerid":"f00000000241855"},"f00000000117526":{"data-customerid":"f00000000117526"},"f00000000169432":{"data-testmode":true,"data-customerid":"f00000000169432"},"f00000000184762":{"data-testmode":false,"data-customerid":"f00000000184762"},"f00000000062059":{"data-testmode":true,"data-customerid":"f00000000062059"},"f00000000190864":{"data-testmode":false,"data-customerid":"f00000000190864"},"f00000000193426":{"data-testmode":false,"data-customerid":"f00000000193426"},"f00000000184177":{"data-testmode":false,"data-customerid":"f00000000184177"},"f00000000097438":{"data-testmode":false,"data-customerid":"f00000000097438"},"f00000000193222":{"data-customerid":"f00000000193222"},"f00000000069811":{"data-testmode":true,"data-customerid":"f00000000069811"},"f00000000139987":{"data-url":"powerreviews,g_,h_,w_,z_,d_,q_","data-customerid":"f00000000139987"},"f00000000182527":{"data-testmode":true,"data-customerid":"f00000000182527"},"f00000000089680":{"data-testmode":true,"data-customerid":"f00000000089680"},"f00000000186169":{"data-testmode":true,"data-customerid":"f00000000186169"},"f00000000181462":{"data-testmode":true,"data-customerid":"f00000000181462"},"f00000000168916":{"data-customerid":"f00000000168916"},"f00000000193306":{"data-testmode":true,"data-customerid":"f00000000193306"},"f00000000147763":{"data-customerid":"f00000000147763"},"f00000000193303":{"data-testmode":true,"data-customerid":"f00000000193303"},"f00000000016565":{"data-testmode":true,"data-customerid":"f00000000016565"},"f00000000165760":{"data-testmode":true,"data-customerid":"f00000000165760"},"f00000000191638":{"data-testmode":true,"data-customerid":"f00000000191638"},"f00000000188002":{"data-testmode":false,"data-customerid":"f00000000188002"},"f00000000192223":{"data-testmode":false,"data-customerid":"f00000000192223"},"f00000000154411":{"data-testmode":true,"data-customerid":"f00000000154411"},"f00000000166744":{"data-testmode":true,"data-customerid":"f00000000166744"},"f00000000223309":{"data-testmode":true,"data-customerid":"f00000000223309"},"f00000000192229":{"data-testmode":true,"data-customerid":"f00000000192229"},"f00000000068938":{"data-testmode":true,"data-customerid":"f00000000068938"},"f00000000177607":{"data-testmode":true,"data-customerid":"f00000000177607"},"f00000000146195":{"data-customerid":"f00000000146195"},"f00000000137853":{"data-url":"cms.stlcc.edu","data-customerid":"f00000000137853"},"f00000000068608":{"data-customerid":"f00000000068608"},"f00000000194338":{"data-customerid":"f00000000194338"},"f00000000185851":{"data-customerid":"f00000000185851"}}
last-modified
Thu, 08 Apr 2021 23:38:50 GMT
server
UploadServer
etag
"2f85d498769096052a9f68a9cd6b0f2a"
content-language
en
vary
Accept-Encoding
x-goog-hash
crc32c=pu2Z1A==, md5=L4XUmHaQlgUqn2ipzWsPKg==
x-goog-generation
1617925130019030
access-control-allow-origin
*
x-goog-meta-custom
false
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
16406
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 11:59:49 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma54884/233443800/17/
Redirect Chain
  • https://js.matheranalytics.com/s/ma54884/233443800/ml.js?cb7=1561
  • https://js.matheranalytics.com/static/ltm/ma54884/233443800/17/ml.br.js
141 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma54884/233443800/17/ml.br.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx /
Resource Hash
b499837f58b341a88f721e6aa4820373da35f89ace1ac0b287f4b98a4c140379

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 18:57:38 GMT
content-encoding
br
last-modified
Mon, 08 Mar 2021 23:35:29 GMT
server
nginx
age
58736
etag
"ce38dd234d7366fa490a71505ff5dd21"
vary
Accept-Encoding
x-cache
HIT Mon, 08 Mar 2021 23:45:16 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
41927

Redirect headers

date
Fri, 09 Apr 2021 11:16:34 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma54884/233443800/17/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
6-gc-euw1-10929
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 03:18:53 GMT
Via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
Age
28763
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
Blvhl-Kvt0AgrtLOOX6i6YihtJpmhPLcS72dTvAQhMa43NoqK24qpQ==
Expires
Sat, 10 Apr 2021 03:17:13 GMT
integrator.js
adservice.google.se/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=www.reviewjournal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.reviewjournal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562186486989213&correlator=2145939651726054&output=ldjh&impl=fif&eid=31060311%2C31060550%2C31060506%2C44739387%2C31060622&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=104590658%2CRJEarAds&enc_prev_ius=%2F0%2F1&prev_iu_szs=234x60&prev_scp=pos%3D1&eri=1&cust_params=tag%3Dcoronavirus%26section%3Dnews%26article%3D1%26app%3Dno%26sub_section_1%3Dpolitics-and-government%26sub_section_2%3Dnevada%26post_id%3D2324885&cookie_enabled=1&bc=31&abxe=1&lmt=1617966993&dt=1617966993397&dlt=1617966992464&idt=759&frm=20&biw=1600&bih=1200&oid=3&adxs=350&adys=25&adks=524154816&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vis=1&dmc=8&scr_x=0&scr_y=0&psz=234x75&msz=234x60&ga_vid=1035772386.1617966993&ga_sid=1617966993&ga_hid=239974910&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
20503a2cc01738b0b9c6e282bba8ed43ba905c969b07cada01efbafecdfe9a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9115
x-xss-protection
0
google-lineitem-id
5663685313
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345849990
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562186486989213&correlator=919014559721691&output=ldjh&impl=fif&eid=31060311%2C31060550%2C31060506%2C44739387%2C31060622&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=104590658%2CRJEarAds&enc_prev_ius=%2F0%2F1&prev_iu_szs=234x60&prev_scp=pos%3D2&eri=1&cust_params=tag%3Dcoronavirus%26section%3Dnews%26article%3D1%26app%3Dno%26sub_section_1%3Dpolitics-and-government%26sub_section_2%3Dnevada%26post_id%3D2324885&cookie_enabled=1&bc=31&abxe=1&lmt=1617966993&dt=1617966993412&dlt=1617966992464&idt=759&frm=20&biw=1600&bih=1200&oid=3&adxs=1016&adys=25&adks=2133462702&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vis=1&dmc=8&scr_x=0&scr_y=0&psz=234x75&msz=234x60&ga_vid=1035772386.1617966993&ga_sid=1617966993&ga_hid=239974910&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
54eb39437f57c07adaaaad11ed103447446d3cdb39651f52f5525ff854833db9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8618
x-xss-protection
0
google-lineitem-id
5663685313
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346258489
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6&blog=124460806&post=2324885&tz=-7&srv=www.reviewjournal.com&host=www.reviewjournal.com&ref=&fcp=1292&rand=0.08190816752635288
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
adsct
analytics.twitter.com/i/ 		31 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o526x&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 09 Apr 2021 11:16:33 GMT
server
tsa_devel
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5571ec54a16432ca0685d2e95c613673b9c6597b082536873311611de2ce7470
x-transaction
c97e448187941d90
expires
Tue, 31 Mar 1981 05:00:00 GMT
identity
api.rlcdn.com/api/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186905
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.69.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-69-36.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91959e148b3919b8479f75d2c26dc7bd15ac304c9602aa4a23f56a3288bfe51e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 09 May 2021 11:16:36 GMT
loader-config.json
loader-cdn.azureedge.net/prod/review-journal/ 		1 KB
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/review-journal/loader-config.json?_=1617966992584
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FAF) /
Resource Hash
3b9482a6fb42e8f955d3fafa29cbe2f5558dd2140cba9bc46e931e4f497b8c60

Request headers

Accept
*/*
Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
content-md5
dkQpS5SaFZyMppnCjX9xKQ==
age
63883
x-cache
HIT
content-length
544
x-ms-lease-status
unlocked
last-modified
Wed, 17 Feb 2021 12:13:57 GMT
server
ECAcc (frc/8FAF)
etag
0x8D8D33D80BB978D
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cbc7425e-a01e-0060-1a9d-2c635d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
sp.js
cdn.includemodal.com/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.includemodal.com/sp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJQX3C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5dd6bab436e0335bc425861c3c70e9e44668190ddb5845f2c64567cba59ab2f4

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.Re1bkZYKa9RNQ.Y9yZbvdakOJe6majh
content-encoding
gzip
etag
"7ba6577f06deaab0fb3891c72ba4ee3d"
age
1262
x-cache
HIT
content-length
10903
x-amz-id-2
0pr8/eGMu+jwDSP1n12qea9/QyarocRzTQK6y67LbxqVulqgKJElcOTvAYbcs+k16lSO78BF3xQ=
x-served-by
cache-bma1623-BMA
last-modified
Tue, 06 Apr 2021 04:49:49 GMT
server
AmazonS3
x-timer
S1617966995.566259,VS0,VE0
date
Fri, 09 Apr 2021 11:16:34 GMT
vary
Accept-Encoding
x-amz-request-id
1S962KSSQ8B0NSZ9
via
1.1 varnish
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
13
CORONABANNER.jpg
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_1500/v1596083379/webdev/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_1500/v1596083379/webdev/CORONABANNER.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c3dc7ce33f483db3bcdc7dd0e97e41a397fcc454c7595892c8dd9415e53b297e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 04:30:46 GMT
server
Cloudinary
etag
"f8ce9f001a4ccc8f50a0fd120e029272"
vary
Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
server-timing
fastly;dur=1;start=2021-04-09T11:16:33.531Z;desc=hit,rtt;dur=8
strict-transport-security
max-age=604800
accept-ranges
bytes
timing-allow-origin
*
content-length
30931
container.html
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7426 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 11:16:33 GMT
expires
Sat, 09 Apr 2022 11:16:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795245888949"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:33 GMT
container.html
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C25E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 11:16:33 GMT
expires
Sat, 09 Apr 2022 11:16:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
values
spreadsheets.google.com/feeds/list/1jVoUBFY2Xpt9g_eSOhoUipSA_OOh7hMbPDYAqYWx3nI/1/public/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://spreadsheets.google.com/feeds/list/1jVoUBFY2Xpt9g_eSOhoUipSA_OOh7hMbPDYAqYWx3nI/1/public/values?alt=json
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
badce69a12d2ec64ac92f14e5f9af0b172952b18c5bc0e31a3585cc1382b3e9f
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-/x6a6sUxuXotCSCQQqenNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
last-modified
Fri, 09 Apr 2021 11:16:33 GMT
server
GSE
x-frame-options
SAMEORIGIN
vary
Accept, X-GData-Authorization, GData-Version
gdata-version
1.0
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
access-control-expose-headers
Cache-Control,Content-Encoding,Content-Length,Content-Type,Date,Expires,Last-Modified,Server,Transfer-Encoding,Vary
cache-control
private, max-age=0, must-revalidate, no-transform
content-security-policy
base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-/x6a6sUxuXotCSCQQqenNg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
x-robots-tag
noindex, nofollow, nosnippet
expires
Fri, 09 Apr 2021 11:16:33 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reviewjournal.com%2F&domain=www.reviewjournal.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1868
date
Fri, 09 Apr 2021 11:16:32 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.reviewjournal.com%2F&domain=www.reviewjournal.com&cw=1
  • https://mug.criteo.com/sid?cpp=0BTh13x3Nzd2SGhuQ0hxZjdhUk04Y1htdERRSytiblNKRkFhNkpVeUpMT2cwWFlWa002NmdUcWUzaDNkVXhtWld0aERxMk1ScS9wd0JYRUxuNUVMTDkxbTNuWFJSVTZZSHRwcXFyWHRHU2REQU92dE4zK0VwV3FYODJlTU...
342 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0BTh13x3Nzd2SGhuQ0hxZjdhUk04Y1htdERRSytiblNKRkFhNkpVeUpMT2cwWFlWa002NmdUcWUzaDNkVXhtWld0aERxMk1ScS9wd0JYRUxuNUVMTDkxbTNuWFJSVTZZSHRwcXFyWHRHU2REQU92dE4zK0VwV3FYODJlTUw0cDcvdVU2YXdmMGd4RDR0UWF4U3ZwcjE3WnFXcVNmbWJlZEVkaVJqcVZ1dGxvLytMN3hPTy9wNHBpZFpGVVF0cGxPcGhEQVQva3N2YktKZE44YmpTN3p2ZmdiT0o1eU9zOE9XUWpFUEhFdGhxWmJES2lVPXw&cppv=2
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
38491d42381d5a2c42cbe71192a179ecac0fe35f6683a1a3b5251ffefd0ef181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 09 Apr 2021 11:16:33 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2059
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 09 Apr 2021 11:16:33 GMT
location
https://mug.criteo.com/sid?cpp=0BTh13x3Nzd2SGhuQ0hxZjdhUk04Y1htdERRSytiblNKRkFhNkpVeUpMT2cwWFlWa002NmdUcWUzaDNkVXhtWld0aERxMk1ScS9wd0JYRUxuNUVMTDkxbTNuWFJSVTZZSHRwcXFyWHRHU2REQU92dE4zK0VwV3FYODJlTUw0cDcvdVU2YXdmMGd4RDR0UWF4U3ZwcjE3WnFXcVNmbWJlZEVkaVJqcVZ1dGxvLytMN3hPTy9wNHBpZFpGVVF0cGxPcGhEQVQva3N2YktKZE44YmpTN3p2ZmdiT0o1eU9zOE9XUWpFUEhFdGhxWmJES2lVPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1674
content-length
482
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238884&zone_id=1178356&size_id=55&alt_size_ids=57&eid_pubcid.org=633d980a-b8d3-4855-8401-97775cd60b34%5E1&rf=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&tk_flint=pbjs_lite_v4.11.0&x_source.tid=0cd948cc-52f8-4d39-9d18-ba4da54b4cf1&p_screen_res=1600x1200&rp_floor=0.15&rp_secure=1&slots=1&rand=0.5720093864849032
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5bf691e806a61ac2706350a98c7f0829f74a28f7eb0e45143c75c692d77324a5

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
didna-d.openx.net/w/1.0/ 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0cd948cc-52f8-4d39-9d18-ba4da54b4cf1&nocache=1617966993602&pubcid=633d980a-b8d3-4855-8401-97775cd60b34&aus=970x250%2C970x90&divIds=ad-high_impact_1&auid=540256498&aumfs=150
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4d1f4870ab0e61db555bd08861af4e6c3c9096de109c9ab62424ddd22d249bac

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.reviewjournal.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
dmx.districtm.io/b/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
89a3bf4960fffd8168de5b195e15f152beb0f37dfec2b20c1a0e7669429741dd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:35 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid
3d470105-c26d-4b54-b8dd-1966a02bdf6c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		63 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c3C2FKbI0r6RiTaKlId8sQ
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
9c767a8ddf6f5ffc31f821264cd88b3b7606032a281a1ac21ea5a7cd3e6af0d8

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-credentials
true
ADTECH;v=2;cmd=bid;cors=yes;alias=167e9bf3a1d2b55;misc=1617966993625;bidfloor=0.15;
adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026966/0/0/ 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026966/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=167e9bf3a1d2b55;misc=1617966993625;bidfloor=0.15;
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=1729ccb18a70029;misc=1617966993625;bidfloor=0.15;
adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026963/0/0/ 		0
45 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026963/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=1729ccb18a70029;misc=1617966993625;bidfloor=0.15;
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
arj
didna-d.openx.net/w/1.0/ 		173 B
566 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3e1803aa-4032-47bd-8b4a-8fd53f5f0eb9&nocache=1617966993629&pubcid=633d980a-b8d3-4855-8401-97775cd60b34&aus=300x600%2C300x250%2C336x280&divIds=ad-infeed_1x1_1x2_1&auid=540256498&aumfs=150
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
8af99045a48c81f45970f62c5aeb5e15e94c85f9fbd14bd8e0a830d7ff9789b9

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.reviewjournal.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cygnus
htlb.casalemedia.com/ 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360248&v=7.2&r=%7B%22id%22%3A%222036549fc7fe913%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222186bb59419b6ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360248%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2222b5d6fe0a72c1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360248%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222186bb59419b6ed%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360248%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b963e6e8d3da30ab23f9ee92a5527a3f78a5db5f0758edfe81457f5a4701cd74

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[SE], RC:[AB], CN:[EU], CIP:[185.76.9.102], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.reviewjournal.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Fri, 09 Apr 2021 11:16:34 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		264 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238884&zone_id=1178356&size_id=15&alt_size_ids=10%2C16&eid_pubcid.org=633d980a-b8d3-4855-8401-97775cd60b34%5E1&rf=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&tk_flint=pbjs_lite_v4.11.0&x_source.tid=3e1803aa-4032-47bd-8b4a-8fd53f5f0eb9&p_screen_res=1600x1200&rp_floor=0.15&rp_secure=1&slots=1&rand=0.4176800934515277
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9a051a7557f5a89e5a8e27337a91f594f336996a53ca429e81479eb96f6f830d

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
06ce43b69ee4cb8c7068fd541d67ea625271422a9b9a0111a1a321b874a8c43a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:35 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
ea82e8ba-2cda-478e-b0a8-db22d2315c83
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		66 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c3C2FKbI0r6RiTaKlId8sQ
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
9d91adb1d1ad950b7050265b6036a4566a7d4c5abbeb6c159e20f101a3d70645

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-credentials
true
ADTECH;v=2;cmd=bid;cors=yes;alias=383e9c717060928;misc=1617966993673;bidfloor=0.15;
adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026961/0/0/ 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026961/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=383e9c717060928;misc=1617966993673;bidfloor=0.15;
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;v=2;cmd=bid;cors=yes;alias=39d79d1307d8bac;misc=1617966993673;bidfloor=0.15;
adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026964/0/0/ 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026964/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=39d79d1307d8bac;misc=1617966993673;bidfloor=0.15;
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
v1
dmx.districtm.io/b/ 		0
0
like.php
www.facebook.com/plugins/ Frame 4556 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
942f08bb05c33bb74a2130a97e9fbcc39cdacdd2135b32908ee3242b47a26307
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0YqGSyYI04B7CwSaN..BgcDeR...1.0.BgcDeR.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
96q0etr5okKG69JF6sAdBFPuMK4SP0bUkEOWWiWrjWL/ao2jQ/eFJ1XVf/jzQkuW9ADVWE93iTQYZz3JNz9Lng==
date
Fri, 09 Apr 2021 11:16:33 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
skyline_w_logo_2.png
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_410/v1612915737/webdev/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_410/v1612915737/webdev/skyline_w_logo_2.png
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d271010ec832b13a7252ea92bd07c7a129f5617945db4c3072146fc3d41c42dc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="skyline_w_logo_2.webp"
server-timing
fastly;dur=1;start=2021-04-09T11:16:33.690Z;desc=hit,rtt;dur=6
vary
Save-Data
content-length
7528
last-modified
Wed, 10 Feb 2021 00:10:14 GMT
server
Cloudinary
etag
"d09421c2c3132cccba85c223210f7540"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
15010525_web1_CV-VACCINES-APR06-21_040521kc_013.jpg
www.reviewjournal.com/wp-content/uploads/2021/04/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2021/04/15010525_web1_CV-VACCINES-APR06-21_040521kc_013.jpg?crop=1
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7f2fd9e4e075f4f9f9a26477932a7ec0922601978f7bdf194d19d01f4bcd0357

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 32 443
last-modified
Thu, 08 Apr 2021 18:38:26 GMT
server
nginx
etag
"c50a025648c24fea"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
108886
expires
Fri, 08 Apr 2022 18:38:26 GMT
newberg_katelyn.jpg
www.reviewjournal.com/wp-content/uploads/2018/08/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2018/08/newberg_katelyn.jpg?resize=100,100
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dc16471802c2317dcd7589d116dd7654d486d43d1cf2d1db7ac24ced7212da2b

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 200 443
last-modified
Tue, 11 Aug 2020 10:32:15 GMT
server
nginx
etag
"20ca499cc157481b"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3710
expires
Wed, 11 Aug 2021 10:32:15 GMT
15006264_web1_CV-VACCINES_040621ev_010.jpg
www.reviewjournal.com/wp-content/uploads/2021/04/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2021/04/15006264_web1_CV-VACCINES_040621ev_010.jpg?h=80
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
17c6ccd7963ddeaa6711cd64291bb960450429c600493d05226f861b1f95f4f3

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 30 443
last-modified
Thu, 08 Apr 2021 18:38:25 GMT
server
nginx
etag
"20ee4d311bb1a5f2"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1534
expires
Fri, 08 Apr 2022 18:38:25 GMT
web-lombardo-ss-0418.jpg
www.reviewjournal.com/wp-content/uploads/2021/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2021/04/web-lombardo-ss-0418.jpg?h=80
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ca58ba4e9188bc46a7352844f3358eb5fd55174033a8eb8042d408ae4aac6501

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 139 443
last-modified
Fri, 09 Apr 2021 01:25:17 GMT
server
nginx
etag
"e1fd2914c2e08574"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2688
expires
Sat, 09 Apr 2022 01:25:17 GMT
15010525_web1_CV-VACCINES-APR06-21_040521kc_013.jpg
www.reviewjournal.com/wp-content/uploads/2021/04/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2021/04/15010525_web1_CV-VACCINES-APR06-21_040521kc_013.jpg?h=80
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
543b6aa07ec2a979f3fe2cfaf367be8685e00d838444d7266a251630313ae3df

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 32 443
last-modified
Fri, 09 Apr 2021 01:25:17 GMT
server
nginx
etag
"033fc3dbe8f5f9b1"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2354
expires
Sat, 09 Apr 2022 01:25:17 GMT
15001765_web1_LVCC-WEST-HALL-APRXX-21-007-1.jpg
www.reviewjournal.com/wp-content/uploads/2021/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2021/04/15001765_web1_LVCC-WEST-HALL-APRXX-21-007-1.jpg?h=80
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3dfc3ca54ac3a388b540714acce0b9482151ff374c3fb0ac66024c73b2c9aae5

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 83 443
last-modified
Fri, 09 Apr 2021 08:23:55 GMT
server
nginx
etag
"e18a7597fd6206a0"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2722
expires
Sat, 09 Apr 2022 08:23:55 GMT
15010671_web1_IMG_9562.jpg
www.reviewjournal.com/wp-content/uploads/2021/04/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.reviewjournal.com/wp-content/uploads/2021/04/15010671_web1_IMG_9562.jpg?h=80
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9e59e71a7e63cdf0e3f138a4a80eb36cc568bb0034b2521da181ef94ab6e38e8

Request headers

Referer
https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-rq
arn1 109 139 443
last-modified
Fri, 09 Apr 2021 08:23:56 GMT
server
nginx
etag
"ae4c7dd4562fac21"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2846
expires
Sat, 09 Apr 2022 08:23:56 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0BTh13x3Nzd2SGhuQ0hxZjdhUk04Y1htdERRSytiblNKRkFhNkpVeUpMT2cwWFlWa002NmdUcWUzaDNkVXhtWld0aERxMk1ScS9wd0JYRUxuNUVMTDkxbTNuWFJSVTZZSHRwcXFyWHRHU2REQU92dE4zK0VwV3FYODJlTUw0cDcvdVU2YXdmMGd4RDR0UWF4U3ZwcjE3WnFXcVNmbWJlZEVkaVJqcVZ1dGxvLytMN3hPTy9wNHBpZFpGVVF0cGxPcGhEQVQva3N2YktKZE44YmpTN3p2ZmdiT0o1eU9zOE9XUWpFUEhFdGhxWmJES2lVPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1079
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
vary
Accept-Encoding
ADTECH;v=2;cmd=bid;cors=yes;alias=57850bdb9de6795;misc=1617966993833;bidfloor=0.15;
adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026961/0/0/ 		0
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/11609.1/5026961/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=57850bdb9de6795;misc=1617966993833;bidfloor=0.15;
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
server
nginx
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238884&zone_id=1178356&size_id=15&alt_size_ids=16&eid_pubcid.org=633d980a-b8d3-4855-8401-97775cd60b34%5E1&rf=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&tk_flint=pbjs_lite_v4.11.0&x_source.tid=cac6478f-b22d-436a-90d6-0dfa6857bb76&p_screen_res=1600x1200&rp_floor=0.15&rp_secure=1&slots=1&rand=0.06326106413108845
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
02dd78b4fd5768fead37e5b3218b23af85a7a7749074661ec31b34d2941fc530

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/ 		66 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=c3C2FKbI0r6RiTaKlId8sQ
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ 33Across
Resource Hash
2564b0d2b3ff1778dc204d05cf1bc772da6b3432915c8da1302373f0e5db3238

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
34975ac7bbc037a7e40ed7ed11732d049d094415c579d6713dc878f8ada14f9f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:35 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.49:80
AN-X-Request-Uuid
9dcf4b8a-2863-440b-bc91-1984ce893bf8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
0
cygnus
htlb.casalemedia.com/ 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=360248&v=7.2&r=%7B%22id%22%3A%22508e1ec235adc78%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22511f06008e8b37b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360248%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22511f06008e8b37b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22360248%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c05b52c075ba9a577bcd921f7b0f1d8a41123be01be2e268cc75e169f99238e8

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[SE], RC:[AB], CN:[EU], CIP:[185.76.9.102], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.reviewjournal.com
x-cs-client-geo
10
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
10
expires
Fri, 09 Apr 2021 11:16:34 GMT
arj
didna-d.openx.net/w/1.0/ 		173 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cac6478f-b22d-436a-90d6-0dfa6857bb76&nocache=1617966993843&pubcid=633d980a-b8d3-4855-8401-97775cd60b34&aus=300x250%2C336x280&divIds=ad-sidebar_1&auid=540256498&aumfs=150
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
eec1a75117a5916fbbea67f5b1982792fa6284ff571e98f43660469753910472

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.reviewjournal.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
162
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: media.reviewjournal.com
URL: https://media.reviewjournal.com/media/projects/header-bidding/prebid-4.11.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
player.min.js
fuel-streaming-prod01.fuelmedia.io/player/1.0/ 		1 MB
330 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
463d80f4ed88bbaba816e662ac0e36d8c2c517dd06d1eb5eced7941d6cb837b2

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 21:54:47 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Mon, 29 Mar 2021 20:34:02 GMT
Server
AmazonS3
Age
48108
ETag
W/"85f6cdb8e27a9c2ac13d03e70e202e7b"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 259359d7ff61dd984af98fc0a1b513fa.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Amz-Cf-Pop
HAM50-C3
X-Amz-Cf-Id
PIyvmzlZTR-_OeOug_EsmpKpNfuvyIoR_3u-5l0KmQwFkgTOoteHMg==
seven2.png
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_50/v1611100661/webdev/ 		454 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_50/v1611100661/webdev/seven2.png
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
37b98902d4f75dc1f85b3038ea524400c1824eb8d51264783bebb58b67b2b5e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="seven2.webp"
server-timing
fastly;dur=2;cpu=1;start=2021-04-09T11:16:33.853Z;desc=hit,rtt;dur=6
vary
Save-Data
content-length
454
last-modified
Wed, 10 Feb 2021 21:51:23 GMT
server
Cloudinary
etag
"c609a1a81250f16a326affc0f8f97a82"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
fp.min.js
fp-cdn.azureedge.net/prod/review-journal/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp-cdn.azureedge.net/prod/review-journal/fp.min.js?
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F8B) /
Resource Hash
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
content-md5
I+TRQO5bVyRNfhz04pv14Q==
age
3046
x-cache
HIT
content-length
19745
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 08:37:46 GMT
server
ECAcc (frc/8F8B)
etag
0x8D8A7E730603D0D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
902b86f7-301e-0125-322a-2df899000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/review-journal/ 		1 MB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g2insights-cdn.azureedge.net/prod/review-journal/g2i.min.js?v=1.14
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FF6) /
Resource Hash
c79a0c5f74d483551e2288694c5cd45d0770ab13d799ee39c79e2fd3bbc91abf

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
content-md5
8DUJt4o4zz7t/7RjeB7Y0w==
age
728
x-cache
HIT
content-length
245802
x-ms-lease-status
unlocked
last-modified
Wed, 17 Feb 2021 08:30:21 GMT
server
ECAcc (frc/8FF6)
etag
0x8D8D31E43C26FDA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
739fa558-a01e-000d-0730-2dc973000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		543 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE2) /
Resource Hash
4c0accfaacc9962787426d8d052ff27e65fa6b7271f2f7a132b8cc2b9756c2ab

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
content-md5
w1XbGhtf64ucUF65OBLypA==
age
21765
x-cache
HIT
content-length
115458
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:35 GMT
server
ECAcc (frc/8FE2)
etag
0x8D8E7A7913BEFB2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eb637724-201e-00b6-55ff-2c2887000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
/
www.facebook.com/tr/ 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarykvp3IrqzBIrbuQAf

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 09 Apr 2021 11:16:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 7426 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 11:12:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7426 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10724
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 08:17:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7426 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:33 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame C25E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 11:12:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C25E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10724
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 08:17:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C25E 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:33 GMT
/
trends.revcontent.com/api/demand/ 		52 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=174258
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:35 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4556 		400 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
7VO44CVNDMFspsyss2IA1BcsW4XVxwfJel3TNM1SAngs7blhHcwWTvPJDBu8E0Kyx9mVlg/UPuwy13+Rn3dcvA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Mon, 05 Apr 2021 21:36:10 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Tue, 05 Apr 2022 21:36:10 GMT
pq5PmZshFQQ.js
www.facebook.com/rsrc.php/v3iEpO4/y9/l/en_US/ Frame 4556 		478 KB
124 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/y9/l/en_US/pq5PmZshFQQ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
003fd10ced20a31ddee2cb8cd496fbd9c21efc94a2c35bfd61b6e02a004be62e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
Hh130W4qeyjIowjjNaQe068iifCwdnpGNXsVwnboyevZcE3nkpqlQVxU286LLpTPGvE64jPFzAhzYqM8CiGmmg==
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uNSM+VWGkFlmtcuM7oRDYA==
date
Fri, 09 Apr 2021 02:29:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
126464
x-fb-rlafr
0
expires
Sat, 09 Apr 2022 02:29:15 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame C25E 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4964
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 09:53:50 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 7426 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4964
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 09:53:50 GMT
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		286 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.css?v=2.5.3.4_2
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE5) /
Resource Hash
6d7c47b2b470c5f48f9a92e4aa1925ea9597a9e8c7b568cdced15995615a28d6

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
content-md5
d/BvUu7RwpTKRZxDJywvcA==
age
20410
x-cache
HIT
content-length
27268
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:35 GMT
server
ECAcc (frc/8FE5)
etag
0x8D8E7A7912B49C4
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
8c08115d-301e-004c-7102-2de160000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
cavalry_endpoint.php
www.facebook.com/common/ Frame 4556 		67 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1617966993941&t_start=1617966993942&t_domcontent=1617966993956&t_layout=1617966994176&t_onload=1617966994176&t_paint=1617966994176&t_creport=1617966994176&t_tti=1617966993956&lid=6949115321248322218-0
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13f:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Freviewjournal&width=105&layout=button_count&action=like&size=large&show_faces=false&share=false&height=21&appId=846558002155573
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
1QJb8mWFemjNU9ZEdtTwIWf6DQgLlzssPBO4NyteoWA6QG37R2Z8yRbDv27n503GH6tUg8UX/FkoTp2QNP8C+A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 09 Apr 2021 11:16:34 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
LVJR
prod-review-journal-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/LVJR/configCode/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-review-journal-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/LVJR/configCode/LVJR
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Fri, 09 Apr 2021 11:16:33 GMT
Content-Length
0
gtm.js
www.googletagmanager.com/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5ZBPF7G&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/review-journal/g2i.min.js?v=1.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de2247b4480c3721e985c3772c708e607b15e6c3813abb272eddc7cbe073dd46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38436
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Apr 2021 11:16:34 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
148
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8b85b58d-401e-0036-6931-2d6505000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Fri, 09 Apr 2021 11:46:34 GMT
index.js
d1wa9546y9kg0n.cloudfront.net/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.182.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 09:21:49 GMT
Via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
7036
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
70fvjVp7q4zR3nvFBC4fmhbkg32mVKFSppQxAVxuPdWx1ikD5ZJF-g==
LVJR
prod-review-journal-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/LVJR/configCode/ 		722 KB
105 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-review-journal-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/LVJR/configCode/LVJR
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
fd08b5dab2c1906d6f415c59f23721471dfec1ba7a23b622b2b4daff76d774ff

Request headers

source-system
Plugin
site-code
LVJR
autoqa
false
ssid
1172da4ba3f5fd0502cc125780e6c48d
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTc5ODEzOTR9.0prjlvF0TxT4LUrcmz8wump3d1ELzGIwiBYQrTM81s8
location
undefined
content-type
application/json
access-control-allow-origin
*
accept
application/json
environment
prod
Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
config-code
LVJR
version
Version: 2.5.3.4

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:34 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
106327
X-Server-Time
4/9/2021 11:16:35 AM
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.37.228 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:35 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
Y068SPRNMGX8JV6P
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
7fJLPFUO12TAlhBfxjz1iY/eLGAc708MAfGzEltIFkZpJRjigF2OfNxtG+EM9U7RoH4HvEoO8II=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.html
s0.2mdn.net/dfp/520018/5008118787/1617900490783/ Frame E928 		25 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38dc1dda6a2a2f9c6312641c98a0febe92c8bfe3d49048d99415c92c5e05e05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/520018/5008118787/1617900490783/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4322
date
Fri, 09 Apr 2021 11:16:34 GMT
expires
Sat, 10 Apr 2021 11:16:34 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 16:48:12 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C25E 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrs3a3HneR4F-kWQhp0e-0gZTNN1ZvWc-JsMXJOTEG44J28XFbF-JvYU5aqIjTZ3mRYfx2FSHG1B7Kcf8MClsN5qCeYY6TdriFQAswLLzv7TVaWl2u81DSdIFxz6ABmHRZwWIrEMPBglneOVFGTFr42aUmMkh_4kp0xUuWTNr-VO-tXURl6p0uMjDgft0KhpazKb58tQYLKlLvnhifeWrtMhov23QS0mCGqbacS3cTT64LVNhWx2R3eY6ij1VNPADH6YKMgQPSTuyM5Zqc_k3t9fpibsHjAKUksQgD4RUgsOx_Ww&sai=AMfl-YSF0hmxTAg20I0JgcOelI9pOxMvOvFIw4RUc2r4T3l3jFgTX6jNzfsxu4aqaZsEmcPok0VAl-DBcvqmJ9jqTQx503LhUQ3TkXh4MYUJLVsQt3nThSksSpS6c2RrEuQ&sig=Cg0ArKJSzGM4lVcExcwTEAE&urlfix=1&adurl=
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:34 GMT
index.html
s0.2mdn.net/dfp/520018/5008118787/1617900509161/ Frame F746 		25 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38dc1dda6a2a2f9c6312641c98a0febe92c8bfe3d49048d99415c92c5e05e05b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/520018/5008118787/1617900509161/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4322
date
Fri, 09 Apr 2021 11:16:34 GMT
expires
Sat, 10 Apr 2021 11:16:34 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 7426 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTDxtiiKcHlmU3nW5XMuwLZbyeyFnQ9lX6JysAQG452p5j2PVRzHeeuAKY4VbVhObb8TvSnl6TI8B1cyGZOSQVhiAkd_lAKawVBEVvj4OHDlKWeCZZg80zM7x4QUAHAyArFi51nyDXq6w5M9nqM-v_oAneotXnosXv-eHjQABpsX4SLJzVSsgq2H-ESz_2z98mIbRQTnyc-20DJrrJaTufO20QKCY8TeZiq71eoyru9w0F1xOuxt5ntFx1DvaW0MiOsGFUwEAh22IEEtRqf9wgwiqTY6ZeDN-xa97Wj3D1Ek525Q&sai=AMfl-YQvgdbE5eH2L289T0LdRqu6c9CFhWGIQPvv4bjWEX8ILgQp7lRZzD1g_5XBmbWL7Tma6SY6zNMfMv916YtAd66YrcHXb4Zo-DxfgZ3S6p3Um-jEbhF_LTfWziiK93qc&sig=Cg0ArKJSzH6Jx6TcO-JjEAE&urlfix=1&adurl=
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:34 GMT
exists
api.mg2insights.com/article/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.mg2insights.com/article/exists?content_id=2324885&deviceid=61c4cc707900851e4a0d4f5b262ca84e
Protocol
H2
Server
35.244.221.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
client-code,content-type,site-code
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.10
date
Fri, 09 Apr 2021 11:16:34 GMT
content-type
application/octet-stream text/plain; charset=utf-8
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code
access-control-expose-headers
Content-Length,Content-Range
access-control-max-age
1728000
via
1.1 google
alt-svc
clear
exists
api.mg2insights.com/article/ 		67 B
144 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.mg2insights.com/article/exists?content_id=2324885&deviceid=61c4cc707900851e4a0d4f5b262ca84e
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/review-journal/g2i.min.js?v=1.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.221.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
e93a35c2d8fcd8c3fa0e1e9f51d5056369680613b0132fd16ccb45da50dbbe2f

Request headers

accept
application/json
Referer
https://www.reviewjournal.com/
site-code
RJ
client-code
REVIEW-JOURNAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
via
1.1 google
server
nginx/1.17.10
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,BotInfo,InitSettings
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
67
user
api.mg2insights.com/ 		98 B
225 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.mg2insights.com/user?deviceid=61c4cc707900851e4a0d4f5b262ca84e
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/review-journal/g2i.min.js?v=1.14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.221.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash
ec5d29c779f529cb290ab519874c1cca180b3e7bddec2f40f22cd4d503bda722

Request headers

accept
application/json
Referer
https://www.reviewjournal.com/
site-code
RJ
client-code
REVIEW-JOURNAL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
via
1.1 google
server
nginx/1.17.10
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,BotInfo,InitSettings
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
98
x-request-id
6558ae08-8373-4cfe-830e-c78e2102cabb
user
api.mg2insights.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.mg2insights.com/user?deviceid=61c4cc707900851e4a0d4f5b262ca84e
Protocol
H2
Server
35.244.221.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.17.10 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
client-code,content-type,site-code
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.10
date
Fri, 09 Apr 2021 11:16:34 GMT
content-type
application/octet-stream text/plain; charset=utf-8
content-length
0
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Client-Code,Site-Code,BotInfo,InitSettings
access-control-expose-headers
Content-Length,Content-Range
access-control-max-age
1728000
via
1.1 google
alt-svc
clear
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=13674
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
541CA3CB462144FD
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56100
accept-ranges
bytes
content-length
55696
x-amz-id-2
WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ef99e8e7-014c-4d00-b573-6e65881bc7a5&ntv_fl=zOcEDJFzfNKR6SyJk0keXgsNqbfi-kYz-3aJWqcAxnLOwfWTy84fnzMROUjiHtt-c0UE2eGRQeyEuXTTSA2qUd26o7UKfI5tVdaoezLnzwSdXSMXVdVN-JSpBwWNxWxIGlc1zJsl-0o0Jh4n19e37Gocj-LaHCGS7vogGTbL3VLKz2JQfaUaVRZyl7tktdpuR0nx6IKngjFdRgUgVKzEd8pUNWr_cu1V2EBv4wDjxgF9ezmLaZNUSZtm5f5f8yKmQBEV0BG-VgPyEk5yBae_oxxQ8rqSTQu7iNUWpWmOuHbT-F3MHESIU_Jb6SzHtiZMdY78Aj4SSkiz4tYvh8s4N0okFCdr9oxCJY6oGlBx2as2N3rrFg6fFFPB-_ExxHY4rs40eoESGrcm_351-mvvZM5VQBZTel7BDmmqoL-AkxE=&ntv_ht=kjdwYAA&ntv_at=303,302&ntv_a=AAAAAAAAAAFaIQA&ord=1617966994617&ntv_dpl=1009,1011,1028,1050,1003,1019,1007&ntv_it
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1090069&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.67.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-67-9.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
5c9a8e78761af0081c8255c5
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5c9a8e78761af0081c8255c5
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
300
allow
GET, OPTIONS, HEAD
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Fri, 09 Apr 2021 11:16:35 GMT
via
1.1 varnish
x-served-by
cache-fra19179-FRA
x-cache
HIT
x-cache-hits
3
x-timer
S1617966996.838123,VS0,VE0
vary
Accept-Encoding
age
0
content-length
23
eyJrZXkiOiI3Mzk1Nzk4ZS00YzMwLTQxN2ItOGIxYS1iM2Q3YmFkOGZmOTgiLCJjdXN0b20iOnsiQ2hhbm5lbElkIjoiNzM5NTc5OGUtNGMzMC00MTdiLThiMWEtYjNkN2JhZDhmZjk4In19
app.launchdarkly.com/sdk/evalx/5c9a8e78761af0081c8255c5/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5c9a8e78761af0081c8255c5/users/eyJrZXkiOiI3Mzk1Nzk4ZS00YzMwLTQxN2ItOGIxYS1iM2Q3YmFkOGZmOTgiLCJjdXN0b20iOnsiQ2hhbm5lbElkIjoiNzM5NTc5OGUtNGMzMC00MTdiLThiMWEtYjNkN2JhZDhmZjk4In19
Protocol
H2
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-launchdarkly-user-agent
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
300
allow
GET, OPTIONS, HEAD
content-encoding
gzip
ld-region
us-east-1
strict-transport-security
max-age=31536000
accept-ranges
bytes
date
Fri, 09 Apr 2021 11:16:35 GMT
via
1.1 varnish
x-served-by
cache-fra19179-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1617966996.838123,VS0,VE93
vary
Accept-Encoding
age
0
content-length
23
5c9a8e78761af0081c8255c5
app.launchdarkly.com/sdk/goals/ 		2 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/5c9a8e78761af0081c8255c5
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.13.0
Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Fri, 09 Apr 2021 11:16:35 GMT
content-length
26
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1617966996.889441,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
4
eyJrZXkiOiI3Mzk1Nzk4ZS00YzMwLTQxN2ItOGIxYS1iM2Q3YmFkOGZmOTgiLCJjdXN0b20iOnsiQ2hhbm5lbElkIjoiNzM5NTc5OGUtNGMzMC00MTdiLThiMWEtYjNkN2JhZDhmZjk4In19
app.launchdarkly.com/sdk/evalx/5c9a8e78761af0081c8255c5/users/ 		5 KB
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/5c9a8e78761af0081c8255c5/users/eyJrZXkiOiI3Mzk1Nzk4ZS00YzMwLTQxN2ItOGIxYS1iM2Q3YmFkOGZmOTgiLCJjdXN0b20iOnsiQ2hhbm5lbElkIjoiNzM5NTc5OGUtNGMzMC00MTdiLThiMWEtYjNkN2JhZDhmZjk4In19
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
089c8e49e12597850d1690fdfda1bc8c11dc33ada7b22b127afb010c61979f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-User-Agent
JSClient/2.13.0
Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
age
0
x-cache
MISS
access-control-max-age
300
date
Fri, 09 Apr 2021 11:16:36 GMT
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1617966996.987061,VS0,VE96
etag
"1472ca"
vary
Accept-Encoding, Authorization
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits
0
fontawesome-webfont.woff2
cdn.mg2connext.com/prod/fonts/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.mg2connext.com/prod/fonts/fontawesome-webfont.woff2?98120622=
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.css?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F40) /
Resource Hash
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a

Request headers

Origin
https://www.reviewjournal.com
Referer
https://cdn.ayc0zsm69431gfebd.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:34 GMT
content-md5
4KZHfCb3p1RwzI0cUtcF7g==
age
154964
x-cache
HIT
content-length
1720
x-ms-lease-status
unlocked
last-modified
Thu, 17 Dec 2020 10:16:38 GMT
server
ECAcc (frc/8F40)
etag
0x8D8A274D72F017A
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
362ff35c-201e-00bd-64c8-2b30f3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
aac4f1b4-a5b6-4632-8228-9c11ed5180bb
https://www.reviewjournal.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.reviewjournal.com/aac4f1b4-a5b6-4632-8228-9c11ed5180bb
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
38d2e1519a8613c8f6d87e70bce24adb.js
s0.2mdn.net/dfp/520018/5008118787/1617900509161/ Frame F746 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/38d2e1519a8613c8f6d87e70bce24adb.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300286007861bbccdd557fcf95ed6153a4f0354e9a415f576ee3d48bf85c370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17396
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
38d2e1519a8613c8f6d87e70bce24adb.js
s0.2mdn.net/dfp/520018/5008118787/1617900490783/ Frame E928 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/38d2e1519a8613c8f6d87e70bce24adb.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300286007861bbccdd557fcf95ed6153a4f0354e9a415f576ee3d48bf85c370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17396
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
d2s8wlbatk24s7.cloudfront.net/service/js/ 		45 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ffee5c9782e70ed6a4c23ed49fd70dfbbce1ddb73d1f04dd51bcb1242e2115ce

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:57:20 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
8354
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
6ugbsIZAwhh88sAitUaI_BIOBfXlIctL7vwLJwd8N99tFOHRQA-wGg==
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
css
fonts.googleapis.com/ Frame E928 		4 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/38d2e1519a8613c8f6d87e70bce24adb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 09:55:14 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:34 GMT
e24e4c9a21817c593e0f9bb01e37238a.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/e24e4c9a21817c593e0f9bb01e37238a.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7539d974cd2e042fff00badae1ec29ff3b63638427ab002e06460c3eee33baee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:10 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4015
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
99b3f553edd2d53852afacc7c8308d33.png
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/99b3f553edd2d53852afacc7c8308d33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:10 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
620f6a280c27d1ef7d0d1e89228b1e55.png
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/620f6a280c27d1ef7d0d1e89228b1e55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:11 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
css
fonts.googleapis.com/ Frame F746 		4 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/38d2e1519a8613c8f6d87e70bce24adb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 11:05:01 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:34 GMT
e24e4c9a21817c593e0f9bb01e37238a.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/e24e4c9a21817c593e0f9bb01e37238a.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7539d974cd2e042fff00badae1ec29ff3b63638427ab002e06460c3eee33baee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4015
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
99b3f553edd2d53852afacc7c8308d33.png
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/99b3f553edd2d53852afacc7c8308d33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
620f6a280c27d1ef7d0d1e89228b1e55.png
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/620f6a280c27d1ef7d0d1e89228b1e55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E928 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
309674
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E928 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
309645
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:49 GMT
d8470e1b061f9dd12cc6669267ae471b.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/d8470e1b061f9dd12cc6669267ae471b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:11 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4113
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F746 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
309675
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F746 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
309646
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:49 GMT
d8470e1b061f9dd12cc6669267ae471b.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/d8470e1b061f9dd12cc6669267ae471b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4113
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:35 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY2MzY4NTMxMyIsImVidXkiOiIyODQxNzA4NjUyIiwiZWFkdiI6IjUwMDgxMTg3ODciLCJlY2lkIjoiMTM4MzQ2MjU4NDg5IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwNDU5MDY1OC9SSkVhckFkcyIsImVzaWQiOm51bGwsInNpemUiOiIyMzR4NjAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&tid=b7a5d556-1e9a-4b6c-b570-a9ab400d16c6&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617966995031&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x6068&tofa=1617966995&vid=1&lvidt=1617966995&duid=e5420230c61b1acd&fp=1072425006&cid=ma54884&mrk=233443800
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:35 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 7426 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW0PpgXhQK8ek_eGLwz1wNp8C4dXo_8KsKljFRYcV84XnptP9DAl_zCllynrZIWSFeCjGVGaepD8BCjvRd-sijf4GNCNSikAiixIelEKCpfvxF6LIDJn94q-_pymezH0SYJIb4onCPzbORDo6TeIGAWyKXXG2ILTxt8CnH2w1a0DR1aowlogW7_NX5pu6Px2TlSJaxchHdF0jmP2WNzMwRJXa02CkmGUoCqVmKpE0wk73gM0Mk4U8Lso6PGKmxAsx6Sb7-V65BkmZXNr7fpg1iABWb2_2NAI3JWCINbnnC0Tz0nBlP&sai=AMfl-YQ5sG9tahKs-6kwULOidMymXr_3R5krlqK93hstGkmzcKj3Hp7ZquFz4OTTC-yExIOLJzmWphoSjZNkjbZE0o_Kg-dcqeN42LYAtMa6qQYoQW3p6bTLjyREj4p-0Rnl&sig=Cg0ArKJSzJvl7bG4zZBtEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C25E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukIu7UfHtV2-4jUEf5zxC_eEvzlvkB6cGfMV4PelRnp_B42T-Yl8DoU46UK40iL8XDx2Qg2gfEzVdZvpYkz1HiWv5ver9jCdT5cEizULTNfma_KcglAMZoxPCsj6yFOwXc7GOWjFEZB4Ur84hqdpfZbnUx5vGC_cHCRwS4XK4ZIkTIzMFAqHqyXtUBuKSnPSRi0qi0nrfdMBeV1doUR37qMj_pX2BM1ZqsGiVynUbJ0fZ9W-IvJttEkco5qEPtQM-3ZlPxCRxdj19B0vdV6_Vx_D3l3FLrJe2SXw0vp7Mb15w8PpG4&sai=AMfl-YRZlCLa-js4CC9ocarMQvM9cKs1KWwCXKUW_vmA9osZnBE1rxr5qG1C5EC9y51SR3eSUx2dBHB_QToHKMNU0uqniRkwMvkauWbdmXvqCxkie4ZYQmvEVK2q6arJw8c&sig=Cg0ArKJSzHUOqNvHkYfMEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:35 GMT
collect
www.google-analytics.com/j/ 		2 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=239974910&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ul=en-us&de=UTF-8&dt=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MetaTagsCollected&el=Not%20Set&_u=aGhAAEABAAAAAG~&jid=1153473396&gjid=682942373&cid=1035772386.1617966993&tid=UA-77901017-19&_gid=1044908547.1617966995&_r=1&gtm=2wg3v05ZBPF7G&cg1=article&cd1=1617966995220.kmvoj3nk&cd2=61c4cc707900851e4a0d4f5b262ca84e&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set%20-%20Exception&cd17=1617966995221.0.i3a5t1az8rn&cd18=Not%20Set&cd19=Default&z=1416368706
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZBPF7G&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
1789
date
Fri, 09 Apr 2021 10:46:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 09 Apr 2021 12:46:46 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-77901017-19&cid=1035772386.1617966993&jid=1153473396&gjid=682942373&_gid=1044908547.1617966995&_u=aGhAAEABAAAAAG~&z=553693595
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 11:16:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-19&cid=1035772386.1617966993&jid=1153473396&_u=aGhAAEABAAAAAG~&z=1083777938
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-19&cid=1035772386.1617966993&jid=1153473396&_u=aGhAAEABAAAAAG~&z=1083777938
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:35 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
trends.revcontent.com/api/delivery/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=false&w=174258&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&icr_url=&va=1&time=1617966995426&up=pc&bn=chrome&bv=89&widget_width=1200
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.25 (Debian) /
Resource Hash
63492cae368ea0530a2e9de0c30f1da6c3dcf4a0a24751f1ca2072ef42762bf7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
6457
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		598 B
948 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1617966995540
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18ba8e49bcf43ffde2e8a68db14a7fdd051529a9828e99e5cda6fcf47f032881

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lYUq8PfaBwRk9YMmIP3kY8deky6aIzCkuqp6SG9rwPZC5z8J1cqHWJAGc7Uqr5FJuLqYhC6oVjL9ZNBmm968ZH2dZlvacyadj8hfLMsO5WgYcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
63d352fb0eb34abd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0957f230e200004abdfa3dd000000001
integrator.js
adservice.google.se/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=www.reviewjournal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.reviewjournal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562186486989213&correlator=1184949719223465&output=ldjh&impl=fif&eid=31060311%2C31060550%2C31060506%2C44739387%2C31060622&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=104590658%2CRJHighImpact&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90&prev_scp=pos%3D1&eri=1&cust_params=tag%3Dcoronavirus%26section%3Dnews%26article%3D1%26app%3Dno%26sub_section_1%3Dpolitics-and-government%26sub_section_2%3Dnevada%26post_id%3D2324885&cookie_enabled=1&bc=31&abxe=1&lmt=1617966995&dt=1617966995610&dlt=1617966992464&idt=759&frm=20&biw=1600&bih=1200&oid=3&adxs=200&adys=214&adks=1219627725&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1200x270&msz=1200x250&psts=AGkb-H_dUS0q88w-qNgBfVjUViijl3BQ7jB7WGdoBWz0FiCCUp8QKGAHwY720I1uvv8woB4dx2j5qLFrzkoI1RJ0HdMMIhKx%2CAGkb-H9u2qppedOUGcrHXJFXo9ZZFNcc3wCiQQS7wX91LQHcpYuADPF_m0k4yTBUAXeOlIASg537Pt-q2WMyTzo7wONF1cNu&ga_vid=1035772386.1617966993&ga_sid=1617966993&ga_hid=239974910&ga_fc=false&fws=4&ohw=1200&btvi=0
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9cb36e3be47c35941f14b75bd46b4b4f12908d0c989d66d6e4173e9fb58497ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8264
x-xss-protection
0
google-lineitem-id
5663685313
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345828458
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY2MzY4NTMxMyIsImVidXkiOiIyODQxNzA4NjUyIiwiZWFkdiI6IjUwMDgxMTg3ODciLCJlY2lkIjoiMTM4MzQ1ODQ5OTkwIiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwNDU5MDY1OC9SSkVhckFkcyIsImVzaWQiOm51bGwsInNpemUiOiIyMzR4NjAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&tid=724d2d4b-e5ce-483b-83af-e1917d653d56&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617966995035&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x6068&tofa=1617966995&vid=1&lvidt=1617966995&duid=e5420230c61b1acd&fp=1072425006&cid=ma54884&mrk=233443800
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:35 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562186486989213&correlator=2146521944035110&output=ldjh&impl=fif&eid=31060311%2C31060550%2C31060506%2C44739387%2C31060622&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=104590658%2CRJInFeed&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C336x280&prev_scp=pos%3D1%26top_ad%3Dyes&eri=1&cust_params=tag%3Dcoronavirus%26section%3Dnews%26article%3D1%26app%3Dno%26sub_section_1%3Dpolitics-and-government%26sub_section_2%3Dnevada%26post_id%3D2324885&cookie_enabled=1&bc=31&abxe=1&lmt=1617966995&dt=1617966995650&dlt=1617966992464&idt=759&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=549&adks=409593402&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&psts=AGkb-H_dUS0q88w-qNgBfVjUViijl3BQ7jB7WGdoBWz0FiCCUp8QKGAHwY720I1uvv8woB4dx2j5qLFrzkoI1RJ0HdMMIhKx%2CAGkb-H9u2qppedOUGcrHXJFXo9ZZFNcc3wCiQQS7wX91LQHcpYuADPF_m0k4yTBUAXeOlIASg537Pt-q2WMyTzo7wONF1cNu&ga_vid=1035772386.1617966993&ga_sid=1617966993&ga_hid=239974910&ga_fc=false&fws=4&ohw=300&btvi=0
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9f17f977ee8c6d7874b9ed91c2bc311e63fc720752dae31358ebb7fe202dce65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8245
x-xss-protection
0
google-lineitem-id
5663685313
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346257451
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:35 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:39 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1617966999.cds079.am5.hn,1617966999.cds012.am5.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:39 GMT
last-modified
Wed, 07 Apr 2021 21:02:38 GMT
etag
"1617829358"
x-hw
1617966999.cds066.am5.hn,1617966999.cds221.am5.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7
accept-ranges
bytes
content-length
4298
container.html
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2EB7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 11:16:33 GMT
expires
Sat, 09 Apr 2022 11:16:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sec=Nevada&pubname=Las%20Vegas%20Review-Journal&prem=private&ptype=article&hier=News%7CPolitics%20and%20Government%7CNevada&auth=Katelyn%20Newberg&artupt=1617923438&arttype=post&artsrc=Local&artpubt=1617907076&artid=2324885&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&tid=497322f3-48ed-43ce-a210-c01eb901c55f&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617966995061&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x6068&tofa=1617966995&vid=1&lvidt=1617966995&duid=e5420230c61b1acd&fp=1072425006&cid=ma54884&mrk=233443800&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNzk2Njk5MTUyMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTI5MiIsImZldGNoUyI6IjIyNSIsImRvbWFpblMiOiIyMjYiLCJkb21haW5FIjoiMjI2IiwiY29ublMiOiIyMjYiLCJjb25uRSI6IjI4NSIsInNzbFMiOiIyNTQiLCJyZXF1UyI6IjI4NSIsInJlc3BTIjoiOTQwIiwicmVzcEUiOiIxMTQ5IiwiZG9tTG9hZCI6Ijk0MyIsImRvbUludGVyIjoiMTg1MyIsImRvbUxvYWRTIjoiMTg5OCIsImRvbUxvYWRFIjoiMTkwMCJ9LCJyZWRpcmVjdFVybCI6Imh0dHBzOi8vd3d3LnJldmlld2pvdXJuYWwuY29tL3Bvc3QvMjMyNDg4NSIsImNhdGVnb3J5Ijp7ImNhdGVnb3JpZXMiOltbIk5ldmFkYSIsIkNsYXJrIENvdW50eSIsIkhlYWx0aCIsIkxpZmUiLCJMb2NhbCIsIk5ld3MiLCJQb2xpdGljcyBhbmQgR292ZXJubWVudCJdXX19
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:35 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
pw.js
includemodal.global.ssl.fastly.net/ Frame 2EB7 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
559
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
zKASlqkVCUZOsRKLHYlxaaG2Zusv8s2gxodG5AvxPyO0BP/CsqLEty0Y3XSFvc7R+PxDCEzXN/Y=
X-Served-By
cache-bma1626-BMA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1617966996.872679,VS0,VE0
Date
Fri, 09 Apr 2021 11:16:35 GMT
Vary
Accept-Encoding
x-amz-request-id
72G66PAH0MW82XN9
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
716
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 2EB7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 11:12:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2EB7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10726
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 08:17:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2EB7 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:35 GMT
container.html
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D8E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 11:16:33 GMT
expires
Sat, 09 Apr 2022 11:16:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.se/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.se/adsid/integrator.js?domain=www.reviewjournal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.reviewjournal.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1562186486989213&correlator=479607478269099&output=ldjh&impl=fif&eid=31060311%2C31060550%2C31060506%2C44739387%2C31060622&vrg=2021040101&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=104590658%2CRJInFeed&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&prev_scp=pos%3D1%26sidebar%3Dyes&eri=1&cust_params=tag%3Dcoronavirus%26section%3Dnews%26article%3D1%26app%3Dno%26sub_section_1%3Dpolitics-and-government%26sub_section_2%3Dnevada%26post_id%3D2324885&cookie=ID%3D0d65f6a269ede26b%3AT%3D1617966995%3AS%3DALNI_MZrrq1VuO9OKdDOCEYC3tc3bXDWog&bc=31&abxe=1&lmt=1617966995&dt=1617966995855&dlt=1617966992464&idt=759&frm=20&biw=1600&bih=1200&oid=3&adxs=1100&adys=1704&adks=1038609002&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H_dUS0q88w-qNgBfVjUViijl3BQ7jB7WGdoBWz0FiCCUp8QKGAHwY720I1uvv8woB4dx2j5qLFrzkoI1RJ0HdMMIhKx%2CAGkb-H9u2qppedOUGcrHXJFXo9ZZFNcc3wCiQQS7wX91LQHcpYuADPF_m0k4yTBUAXeOlIASg537Pt-q2WMyTzo7wONF1cNu%2CAGkb-H9F45z5BI_k3mrry6_1Dz8cG03cvIqCawIPVwn4p5qgOrn9bPAJGyLoHio9Ht4VtfDHXcSQEmrrtsIZI3qeS3VZUxE%2CAGkb-H9SEsd1Quse7b0LcD59yXh2coZ6dum23Yfkq9bm0TMTaLiikgey6BErFQquHdLVkMwVNYHffZhiBlB28OD0xwVLS7k&ga_vid=1035772386.1617966993&ga_sid=1617966993&ga_hid=239974910&ga_fc=false&fws=4&ohw=1600&btvi=1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6d353ae9262026d7db4ba404cd1661d7f68a9d69f6141789789ad4a538795e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8144
x-xss-protection
0
google-lineitem-id
5663685313
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346260487
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 2EB7 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4965
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 09:53:50 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 0D8E 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
559
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
zKASlqkVCUZOsRKLHYlxaaG2Zusv8s2gxodG5AvxPyO0BP/CsqLEty0Y3XSFvc7R+PxDCEzXN/Y=
X-Served-By
cache-bma1626-BMA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1617966996.938436,VS0,VE0
Date
Fri, 09 Apr 2021 11:16:35 GMT
Vary
Accept-Encoding
x-amz-request-id
72G66PAH0MW82XN9
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
717
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 0D8E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 11:12:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0D8E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10726
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 08:17:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D8E 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:35 GMT
13674
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		321 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/13674?t=202139133
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d20c5b0fb7547e3a9d66511f2cdca9eae94f508c525e7eacc02532959e39cbbf

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
SjIS4L6vXNxKjq1ieFd0pRA9PYFBYpYZ
last-modified
Fri, 09 Apr 2021 10:46:09 GMT
server
AmazonS3
x-amz-request-id
WBABPJB14SEPWTB4
etag
"d1e6390556351b5546a13578cae0b2f7"
content-type
application/octet-stream
date
Fri, 09 Apr 2021 11:16:36 GMT
accept-ranges
bytes
content-length
321
x-amz-id-2
eA40k5cNrhJIe0JrrJa7glUCJfsh0efZkRP+e4rbR+jOvGhu5rHB9Q2KLWW2l+gYSdLXTaV2CIs=
3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 2EB7 		45 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ffee5c9782e70ed6a4c23ed49fd70dfbbce1ddb73d1f04dd51bcb1242e2115ce

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:57:20 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
8355
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
YS6htGN_bSd-bVzs05df-YiKokJJ4htVxSExoWcndD_r4cwMZXUBXQ==
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86/ Frame 2EB7 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86/?rand=620081&referer=https://www.reviewjournal.com/
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY2MzY4NTMxMyIsImVidXkiOiIyODQxNzA4NjUyIiwiZWFkdiI6IjUwMDgxMTg3ODciLCJlY2lkIjoiMTM4MzQ1ODI4NDU4IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwNDU5MDY1OC9SSkhpZ2hJbXBhY3QiLCJlc2lkIjpudWxsLCJzaXplIjoiOTcweDI1MCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&tid=b59eced3-8608-4267-9951-a8f2269e3add&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617966995743&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x6396&tofa=1617966995&vid=1&lvidt=1617966995&duid=e5420230c61b1acd&fp=1072425006&cid=ma54884&mrk=233443800
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:36 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
container.html
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 11:16:33 GMT
expires
Sat, 09 Apr 2022 11:16:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
604e6b9dca5082-88755263.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/604e6b9dca5082-88755263.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
d37087f40012ad2c9dd5c5f9dbe18f07f025515768ad0de674bddc1267f0de76
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="604e6b9dca5082-88755263.webp"
server-timing
fastly;dur=2;cpu=1;start=2021-04-03T14:57:26.859Z;desc=hit,rtt;dur=0
content-length
18648
last-modified
Tue, 23 Mar 2021 10:16:23 GMT
server
Cloudinary
etag
"1a79a9df61498cc536bcffba4bd15bde"
vary
Accept
x-hw
1617966996.cds130.am5.hn,1617966996.cds156.am5.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
15325530070980734337.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15325530070980734337.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
aff84e8abf6fb249fed68366a7225441ab121ce300a2f35fa898a4cef9a32a31
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="15325530070980734337.webp"
server-timing
fastly;dur=1;cpu=0;start=2020-10-23T23:48:30.481Z;desc=hit,rtt;dur=0
content-length
21998
last-modified
Mon, 12 Oct 2020 18:14:14 GMT
server
Cloudinary
etag
"31d8579bc6efd9aa099cc4f2a889f402"
vary
Accept
x-hw
1617966996.cds130.am5.hn,1617966996.cds013.am5.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
5fb1e5e0e368a6-21557030.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5fb1e5e0e368a6-21557030.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3edf07aaa046b7734fee00720300c088de35e8cb32bfc8c9232cf9b8584f7da1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="5fb1e5e0e368a6-21557030.webp"
server-timing
fastly;dur=1;cpu=0;start=2021-01-04T05:16:43.451Z;desc=hit,rtt;dur=0
content-length
19436
last-modified
Mon, 16 Nov 2020 22:13:02 GMT
server
Cloudinary
etag
"dd73ae92b793e8453f5110daa6713c7c"
vary
Accept
x-hw
1617966996.cds130.am5.hn,1617966996.cds114.am5.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
MG2AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/MG2AuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F2B) /
Resource Hash
ee846502da590dfe518f5ea912fa41fed06e8a85240f592c95b42b5078997974

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
content-md5
tYgM+dz1/IrU35FTUTyZ4Q==
age
18057
x-cache
HIT
content-length
2156
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:03 GMT
server
ECAcc (frc/8F2B)
etag
0x8D8E7A77DDF8B19
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6e77de2f-d01e-0124-4807-2df964000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
Auth0AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/Auth0AuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE9) /
Resource Hash
ef640a042805051c478e09f6412fc8f7074b87e6c6c4c5773e4c56e9dc227d2a

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
content-md5
jDAWykp3klSfwCvqX7y/Sg==
age
18057
x-cache
HIT
content-length
1991
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:02 GMT
server
ECAcc (frc/8FE9)
etag
0x8D8E7A77D885503
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
dbf0b8c2-901e-00c9-4507-2db6b5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
CustomAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/CustomAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FE3) /
Resource Hash
c1f9c561ab2137104a3b6f2976e6b94b87c356732fd7272b16a88cabf44d895a

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
content-md5
NcS56FDE7OtMX8U1x7K49Q==
age
18057
x-cache
HIT
content-length
1809
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:02 GMT
server
ECAcc (frc/8FE3)
etag
0x8D8E7A77DBE8D7B
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
322d1681-301e-006e-7907-2d8f56000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
JanrainAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/JanrainAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD2) /
Resource Hash
102a08dc123aa03c5845a63ff8d5d596cde82b4e12c6729d4d0c37a1c41f432c

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
content-md5
VL18ZIW/4GEW0ya6QnKLWA==
age
18057
x-cache
HIT
content-length
2308
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:02 GMT
server
ECAcc (frc/8FD2)
etag
0x8D8E7A77DC9658E
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0815bdf7-701e-0122-2007-2d0e1c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
NewzwareAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/NewzwareAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F60) /
Resource Hash
636db9eabb4c312e5fdbf709257aaf59366cef035d4a03dfb326a0a339567c15

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
content-md5
TaBgtIG/So9MHEhgtkHcKg==
age
18057
x-cache
HIT
content-length
3729
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:03 GMT
server
ECAcc (frc/8F60)
etag
0x8D8E7A77DEA8A5A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6aa2aa37-401e-00c0-4307-2dac3b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
LikeButtons4.js
cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/ 		114 B
244 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/LikeButtons4.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F78) /
Resource Hash
afda1dcdc734ede8bedac395d9c15d95fea1ac45067d863c60cbd1a03716f38b

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 09 Apr 2021 11:16:36 GMT
content-md5
bjRG+7MSSfhlfZpu/s9ufw==
age
18057
x-cache
HIT
content-length
114
x-ms-lease-status
unlocked
last-modified
Mon, 15 Mar 2021 11:43:02 GMT
server
ECAcc (frc/8F78)
etag
0x8D8E7A77DD4B2F4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
71da6a4e-a01e-00ca-2c07-2db5b2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
accept-ranges
bytes
index.html
s0.2mdn.net/dfp/520018/5008118787/1617900719272/ Frame 792F 		26 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
903528dd4ce871e9569e497d52a9f94098fcfc5712a251e72a4b959db5a69e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/520018/5008118787/1617900719272/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4449
date
Fri, 09 Apr 2021 09:38:53 GMT
expires
Sat, 10 Apr 2021 09:38:53 GMT
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
5863
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 2EB7 		0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvX48KBZOYotcVgSAUmSxpxMJhVoX_jTkCj06yRM2QJ9w-fmSH7Jx4ceLviMV6nvubmCYn2gPO3MVfCNzZ5s0nwdjeDRMBF7SFxl_hWX6iTtYhSt_1_B1AJgXyfJrjV2odjPnj9jtv61y_6-iK3vsAgtU54T16xwZxd8yjk8V7hW5Ki7mOZvY744FbRK2DjdlDE6Gau6oTB7LN6T968xBFgSuOJhlbgUl_LhNynmPW0xkGKqM5VTPO-v2Tw6t8ROyBzEXjw-zNrSYyQ0gmIqCOJV_fL3bi8OWk1XBZQq751XkOl3NS1WVc&sig=Cg0ArKJSzB17MGbNT6PTEAE&urlfix=1&adurl=
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
log.gif
includemodal.com/static/ Frame 2EB7 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=0529e0fd-54c1-416a-9c21-6c4986618efc&url=https://cleanaffordable.com/%3Futm_source%255Cx3ddisplay%255Cx26utm_medium%255Cx3dbanner%255Cx26utm_campaign%255Cx3dnvgas1%2527%3D&o=https://www.reviewjournal.com/
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame 7426 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzLiKsMV6VMYO_2wfUW399aoV3IpxnGP21gDQoz1xj20dl9s9rP4rAtihMz9SXoO1a_hpIPaueqOtqPahnwkDQWoy--9tFHkXP0JoqDvo&sig=Cg0ArKJSzFAPVc3mtMYPEAE&id=osdim&mcvt=1152&p=24,1016,84,1250&mtos=1152,1152,1152,1152,1152&tos=1152,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2133462702&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617966993570&dlt=201&rpt=734&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
sync.springserve.com/usersync/ 		51 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync/json
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6ef98da2c7bd2c043c2445d75315901e93133b3791a4ba4b0ba748d63e21917f

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:36 GMT
access-control-allow-credentials
true
server
nginx
content-length
51
content-type
application/json
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 0D8E 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4966
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 09:53:50 GMT
3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 0D8E 		45 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ffee5c9782e70ed6a4c23ed49fd70dfbbce1ddb73d1f04dd51bcb1242e2115ce

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:57:20 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
8356
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
cTgo_1p1t--TeqxjUIyVrhtwvcxvhTwsDhSLVsVu6E8s4vlp96UzHw==
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86/ Frame 0D8E 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86/?rand=651569&referer=https://www.reviewjournal.com/
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame C25E 		42 B
479 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfwNNgNTe_mKg97dvc8159QhJ9uq78OY57uY4-EmKJR3QvA2eBx9USlyIKkgynPPoVa9QupHYhvdLa2246o02-2yV9urB-Wn_X22MTFTM&sig=Cg0ArKJSzJ_KanDVuE0vEAE&id=osdim&mcvt=1129&p=24,350,84,584&mtos=1129,1129,1129,1129,1129&tos=1129,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=524154816&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617966993581&dlt=194&rpt=721&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:36 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.reviewjournal.com
date
Fri, 09 Apr 2021 11:16:36 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY2MzY4NTMxMyIsImVidXkiOiIyODQxNzA4NjUyIiwiZWFkdiI6IjUwMDgxMTg3ODciLCJlY2lkIjoiMTM4MzQ2MjU3NDUxIiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwNDU5MDY1OC9SSkluRmVlZCIsImVzaWQiOm51bGwsInNpemUiOiIzMDB4NjAwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&tid=382266e1-e305-469b-97ce-d0cfcafd7d02&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617966995805&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x6396&tofa=1617966995&vid=1&lvidt=1617966995&duid=e5420230c61b1acd&fp=1072425006&cid=ma54884&mrk=233443800
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:36 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
m
secure-gl.imrworldwide.com/cgi-bin/ 		0
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ci=nlsnapi29032&am=4&ep=1&at=view&rt=banner&st=image&ca=moat_tsci_8t2oB&cr=crv4917808&pc=b-13674-www.nativo.com&r=1617966996330
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ba00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:36 GMT
via
1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
TnI8xobfaSfLYo24KLcj9tAX6dCFGdLCi3xVaaYIzsMBUZOLK0NxyQ==
expires
Thu, 01 Dec 1994 16:00:00 GMT
log.gif
includemodal.com/static/ Frame 0D8E 		42 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=96ee1eb2-6597-4dde-b303-0c27a797cb44&url=https://cleanaffordable.com/%3Futm_source%255Cx3ddisplay%255Cx26utm_medium%255Cx3dbanner%255Cx26utm_campaign%255Cx3dnvgas1%2527%3D&o=https://www.reviewjournal.com/
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
pw.js
includemodal.global.ssl.fastly.net/ Frame C1F4 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
06nUkp5i9bkkXh8_cteY_BtzzXlVWVZE
Content-Encoding
gzip
ETag
"68a10f0c0f3d345bba1f230a84a01628"
Age
560
X-Cache
HIT
Connection
keep-alive
Content-Length
10528
x-amz-id-2
zKASlqkVCUZOsRKLHYlxaaG2Zusv8s2gxodG5AvxPyO0BP/CsqLEty0Y3XSFvc7R+PxDCEzXN/Y=
X-Served-By
cache-bma1626-BMA
Last-Modified
Wed, 31 Mar 2021 21:28:39 GMT
Server
AmazonS3
X-Timer
S1617966996.426757,VS0,VE0
Date
Fri, 09 Apr 2021 11:16:36 GMT
Vary
Accept-Encoding
x-amz-request-id
72G66PAH0MW82XN9
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
718
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame C1F4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
263
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 11:12:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C1F4 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10727
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 08:17:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1F4 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:36 GMT
38d2e1519a8613c8f6d87e70bce24adb.js
s0.2mdn.net/dfp/520018/5008118787/1617900719272/ Frame 792F 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/38d2e1519a8613c8f6d87e70bce24adb.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300286007861bbccdd557fcf95ed6153a4f0354e9a415f576ee3d48bf85c370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5861
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17396
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 10 Apr 2021 09:38:55 GMT
index.html
s0.2mdn.net/dfp/520018/5008118787/1617899791678/ Frame 330C 		25 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48fa93d49b072e7b67884b6510f39915eb6af3c199ee93129879474aae1f199d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/520018/5008118787/1617899791678/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4298
date
Fri, 09 Apr 2021 11:16:36 GMT
expires
Sat, 10 Apr 2021 11:16:36 GMT
cache-control
public, max-age=86400
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 0D8E 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhe_uQ26Gdj957RnTwxN7G93F15MlILVdhtTxip5BySeIs9qm5JdBGriDVfM_bN-assANPcwNuV1ADXpagI5ojamAeE40vP0_QuL2LMbKcXmKSDJ8BY_fZt9ZIgp9vPEYnROpgmSKN_ixs9Vn6bv59z4sDC9dcWbSqXWDRQA3jPTeayLL0lECOnY_FpLEATtI-x_F17BgNvB6yDqjfew7uKQ2HTUcanMKy9zmY97bkDE79b3hFsce2RJy3UvBN48Br5qaRYIHaFQ1x3odUE6_FhzxYlb3E4bSFRSamlJXrcZyWCQ&sig=Cg0ArKJSzB80mSJ_j-ZLEAE&urlfix=1&adurl=
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 792F 		4 KB
686 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/38d2e1519a8613c8f6d87e70bce24adb.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 09:44:49 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:36 GMT
b95cb3f109841ea83204cc54c6cfb4dc.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/b95cb3f109841ea83204cc54c6cfb4dc.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a026e6589bd493bcfb20885f4bf5c853dbd9985ef1849b7422bb1c69e49bc9ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5861
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30022
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
9b3dd496ff0a838c64a4614bc856356d.png
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/9b3dd496ff0a838c64a4614bc856356d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc4d0f009cb06307dc53a26ae5d77967107e906d1d159d635547df7f419bd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5861
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5534
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
d28247ea50a92408573177a0edd7bd11.png
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/d28247ea50a92408573177a0edd7bd11.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a1dc536745ed7df8e60c04b0489378be61ba62d0f04cd58c0e9c872eedb2ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5861
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2004
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTY2MzY4NTMxMyIsImVidXkiOiIyODQxNzA4NjUyIiwiZWFkdiI6IjUwMDgxMTg3ODciLCJlY2lkIjoiMTM4MzQ2MjYwNDg3IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwNDU5MDY1OC9SSkluRmVlZCIsImVzaWQiOm51bGwsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&tid=3ca7c53d-7413-4c17-837d-394790a24f5b&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617966996011&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x6396&tofa=1617966995&vid=1&lvidt=1617966995&duid=e5420230c61b1acd&fp=1072425006&cid=ma54884&mrk=233443800
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:36 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame C1F4 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4966
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 09:53:50 GMT
3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame C1F4 		45 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:5e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ffee5c9782e70ed6a4c23ed49fd70dfbbce1ddb73d1f04dd51bcb1242e2115ce

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:57:20 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
8356
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
XuiqIHruqK5TVofMonf4eBtRdOMXmMTa0vNDr28KfY1S-I_dk0gQPw==
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
/
includemodal.com/service/imp/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86/ Frame C1F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/3b1c0b02-a34a-4a2e-9feb-655ccef0fe86/?rand=597842&referer=https://www.reviewjournal.com/
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ssusersync
vid.springserve.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/ssusersync
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.178.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7d934ccc2c6a7ecb64131179a7c0eb439f40d438d5f35247b2e11d2c0d998626

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
3712
content-type
application/javascript
log.gif
includemodal.com/static/ Frame C1F4 		42 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/static/log.gif?logger=4&token=121aff19-0a23-4147-8d33-287461315bcc&url=https://cleanaffordable.com/%3Futm_source%255Cx3ddisplay%255Cx26utm_medium%255Cx3dbanner%255Cx26utm_campaign%255Cx3dnvgas1%2527%3D&o=https://www.reviewjournal.com/
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.126.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
last-modified
Thu, 26 Sep 2019 18:10:35 GMT
server
nginx/1.10.3 (Ubuntu)
accept-ranges
bytes
etag
"5d8cff1b-2a"
content-length
42
content-type
image/gif
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 792F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
309676
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 792F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
309647
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:49 GMT
bea4c457395e8643e4b2b18f894e284f.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/bea4c457395e8643e4b2b18f894e284f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5860
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30025
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:56 GMT
8407a48a-5ead-4510-a39c-75d83b2947f5
https://www.reviewjournal.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.reviewjournal.com/8407a48a-5ead-4510-a39c-75d83b2947f5
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
index.html
s0.2mdn.net/dfp/520018/5008118787/1617902165905/ Frame A7FF 		25 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dab50ecb070cc4606ac03ad7496da959872a609012ac908be878226353c24ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/520018/5008118787/1617902165905/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
4331
date
Fri, 09 Apr 2021 09:38:56 GMT
expires
Sat, 10 Apr 2021 09:38:56 GMT
last-modified
Thu, 08 Apr 2021 17:16:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
5860
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C1F4 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBj-7DQN5UZZmk-ctsvsHO-FRaiHia5iJO5TQ9b-_77hi1h6MbnNTUylHhbOVkNoxpFk7CcHPDN0HUhUTz1PqPxilPkbDI-27wwFyk0NSsnQ4JJ9z9ZDTTSqMwNNYe3G_--LHI_CrceFuG0hJrhLeQD8WnBL8B_PMYJq6NkwT39y0vXsll1cpgyQtP-gezMYRRI8xPi_Do7OsUsadvOhvXYtvZ62hliwP2Yv8YQSYNW7H0-_AYF6Ckzr98wprwk6FKwFhmDfnHacp6RxhK_2mNMP0KnlQwLBaWuP3qT_VRK22-BQ&sig=Cg0ArKJSzI6KrH6Rh-nREAE&urlfix=1&adurl=
Requested by
Host: 211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
URL: https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
38d2e1519a8613c8f6d87e70bce24adb.js
s0.2mdn.net/dfp/520018/5008118787/1617899791678/ Frame 330C 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/38d2e1519a8613c8f6d87e70bce24adb.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300286007861bbccdd557fcf95ed6153a4f0354e9a415f576ee3d48bf85c370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17396
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
p.js
cdn.parsely.com/keys/lasvegasreviewjournal.com/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/lasvegasreviewjournal.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.180.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-180-67.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
65975545f0ef2110c688da2fbc74c6a593060438ca53f7844dff4a8f2715c77e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Fri, 09 Apr 2021 04:34:00 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 19:29:12 GMT
server
nginx
age
24156
etag
W/"60340608-fb96"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 6da6e07aeb89276b8f6fa46086b0c8c2.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
HAM50-C3
x-amz-cf-id
X2WuHzrKQn7FG4sibDFsUBLGcm5V2jTmamo6MBLEgTt1rhAaKvrRXw==
expires
Sat, 10 Apr 2021 04:34:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2EB7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkS9wOcBrU-FialJl0k5pdZ9JZ7DjcPRwj-3JemDEfj_tGRl-8YO-QvBOPWByLnXIJDu5SuDrmVNiT8T7_IPLATJv1UubsGEnjSzXtu4XMpsFnEemfQDk5UZGDlnQ8emk-HCNA7O7N87TobZX_zA-2bLLvLuq7xGA9k3L0pPnKfIURfjy48kLfUPtShf_gwe-1HstyxgmLVrkbbj0hnFhjqBOUFrLSV_G0GNPNVWLDNdO6UvRD96N7BbbscYlCINkTlAUH-MouiTGYYgJH7WbhD6C_RmtbpswgQ8QcR-kkdf_zQkCCUx7NgQ&sig=Cg0ArKJSzJkUQAx42IzoEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:36 GMT
97fb4f4dae3c193408673ba77538e32a.js
s0.2mdn.net/dfp/520018/5008118787/1617902165905/ Frame A7FF 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/97fb4f4dae3c193408673ba77538e32a.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51a234187a980defe1e157f7c2e1d48276e5c42d8f4fe34cb34b48fcb62f76cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5860
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17805
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 17:16:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 10 Apr 2021 09:38:56 GMT
css
fonts.googleapis.com/ Frame 330C 		4 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/38d2e1519a8613c8f6d87e70bce24adb.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 09:35:35 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:36 GMT
4660e5a2630ddc113fb415bfdab485a8.jpg
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/4660e5a2630ddc113fb415bfdab485a8.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74b7a58c68d889c77d25a08547f24c90db48f839af891b68043b0d4e806b1460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29390
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
aad4043e07fc5c213215b4b87bc1db57.png
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/aad4043e07fc5c213215b4b87bc1db57.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18ea99233fd28b8814cf858d8da55e8f166546581a9449503397235ddab3168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6703
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
896da8d9240cab967ec6067b37dde7f5.png
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/896da8d9240cab967ec6067b37dde7f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d3737fb32e9f49c26c5c64c5fedd24c40c873b67ecb30760e5771b2edc18b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4258
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
New7at7onGray.jpg
res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_1200/v1611081380/webdev/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/review-journal/image/upload/f_auto,q_auto,c_scale,w_1200/v1611081380/webdev/New7at7onGray.jpg
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
5084ce11acf5eb0851aedce2fb1860ce0670ddb803b29c3f0750e4fda0edbb58
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="New7at7onGray.webp"
server-timing
fastly;dur=1;cpu=0;start=2021-04-09T11:16:36.757Z;desc=hit,rtt;dur=6
vary
Save-Data
content-length
9148
last-modified
Tue, 19 Jan 2021 18:39:37 GMT
server
Cloudinary
etag
"2e705ba279cebd2c11ca308fe13444aa"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin
https://www.reviewjournal.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a6e0179411261e2ff56ff5a212668c664a32b8a09839343b57694d939705618

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
headerstats
as-sec.casalemedia.com/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&v=3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:36 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.reviewjournal.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 09 Apr 2021 11:16:36 GMT
7395798e-4c30-417b-8b1a-b3d7bad8ff98.m3u8
fuel-streaming-prod01.fuelmedia.io/v1/sem/ 		693 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/sem/7395798e-4c30-417b-8b1a-b3d7bad8ff98.m3u8?sessionId=07bb8d39-8e4a-445c-812e-d4438f791e32&a-ap=1&a-mute=1&a-ssid=c70386a7-d8f1-4f7c-9bf9-180df3f3176a&a-dnt=
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
9b43f2a0a627d9a2c83c6df9484f8240510165f6e4afa069771ce36493a96fc3

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:37 GMT
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Cache
Miss from cloudfront
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
693
X-Amz-Cf-Id
20R8eVbesL5ywFwPxdv-eXsUac0Lmnirm0Nc5HTk49X_yMEav8L8aQ==
X-Request-Id
b68736b0-0cbf-437c-b9b6-57127b16ae9d
css
fonts.googleapis.com/ Frame A7FF 		4 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/97fb4f4dae3c193408673ba77538e32a.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 09:32:37 GMT
server
ESF
date
Fri, 09 Apr 2021 11:16:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 11:16:36 GMT
f38162271532bc55bde5f93b01100d72.jpg
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/f38162271532bc55bde5f93b01100d72.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf8df44fd8958183b0f6406640a1938b049fe02073e12a677a2b4ea93465cb80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:05 GMT
server
sffe
age
5859
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29425
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
10466daac42ec15f5f479cb1915cde3e.png
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/10466daac42ec15f5f479cb1915cde3e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd37b323f243da9dbda110388b0d80cb4cffce2e1aaf5fe01871f96a5ebd25c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:05 GMT
server
sffe
age
5859
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2247
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 330C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
309676
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 330C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
309647
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:49 GMT
a97979beb27ca9829d1a4b363f882536.jpg
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/a97979beb27ca9829d1a4b363f882536.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce9039702aecad4537fcd24409559d2f44e63577d1003737b0d350a2569e8f44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39089
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
3d39b811-3925-41fb-b68b-10930274687c
https://www.reviewjournal.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.reviewjournal.com/3d39b811-3925-41fb-b68b-10930274687c
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c5c3a00bbb46fd0ebd56886f2a5fb77bb38ec8ea8a0470fe01b180142c7b07d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5409
Content-Type
application/javascript
14048
rtb.gumgum.com/usync/ Frame C152 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
33bfbd764871f5015fba3f330b7983aff5d042b5f5b22a94e872821411193e5b

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e; Domain=.gumgum.com; Expires=Sat, 09-Apr-2022 11:16:37 GMT; Path=/; Secure; SameSite=None
etag
W/"0d00fd692d01b47a8222704403dab8383"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 39C0 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.reviewjournal.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=17610
Expires
Fri, 09 Apr 2021 16:10:07 GMT
Date
Fri, 09 Apr 2021 11:16:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
sync.springserve.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000001&uuid=8468301418355016956
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000001&uuid=8468301418355016956
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:36 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.43:80
AN-X-Request-Uuid
b4aaf513-b5d1-4417-bc3b-704412028841
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.springserve.com/usersync?aid=1000001&uuid=8468301418355016956
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
cs.emxdgt.com/ 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26uuid%3D%24UID
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:44 GMT
content-length
0
content-type
text/html
usersync
sync.springserve.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26uuid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26uuid%3D&s=184932&C=1
  • https://sync.springserve.com/usersync?aid=1000005&uuid=YHA3nHSx0sV1.zSXfbU2cwAA%261846
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&uuid=YHA3nHSx0sV1.zSXfbU2cwAA%261846
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:44 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:44 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.springserve.com/usersync?aid=1000005&uuid=YHA3nHSx0sV1.zSXfbU2cwAA%261846
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
274
Expires
Fri, 09 Apr 2021 11:16:44 GMT
usersync
sync.springserve.com/
Redirect Chain
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e872755-9925-11eb-98c4-06101d0df3ac
  • https://ups.analytics.yahoo.com/ups/58185/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP0e872755-9925-11eb-98c4-06101d0df3ac&verify=true
  • https://sync.springserve.com/usersync?aid=759&uuid=y-yF6vqARE2uGfPy_2bJjjwmbFx.cCV80_~A~UP0e872755-9925-11eb-98c4-06101d0df3ac
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=759&uuid=y-yF6vqARE2uGfPy_2bJjjwmbFx.cCV80_~A~UP0e872755-9925-11eb-98c4-06101d0df3ac
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:40 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 09 Apr 2021 11:16:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.springserve.com/usersync?aid=759&uuid=y-yF6vqARE2uGfPy_2bJjjwmbFx.cCV80_~A~UP0e872755-9925-11eb-98c4-06101d0df3ac
Connection
keep-alive
Content-Length
0
usersync
sync.springserve.com/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26uuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26uuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.springserve.com/usersync?aid=1000008&uuid=35f6ed74-d3de-4833-a7d8-0517912b693e
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000008&uuid=35f6ed74-d3de-4833-a7d8-0517912b693e
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.springserve.com/usersync?aid=1000008&uuid=35f6ed74-d3de-4833-a7d8-0517912b693e
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
nclf912rpocirvuab8144imkpmaohqno
usersync
sync.springserve.com/
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26uuid%3D%25%25VGUID%25%25
  • https://sync.springserve.com/usersync?aid=1000011&uuid=89tN9lRU6Nuh&ev=1&pid=561910
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000011&uuid=89tN9lRU6Nuh&ev=1&pid=561910
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:39 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.springserve.com/usersync?aid=1000011&uuid=89tN9lRU6Nuh&ev=1&pid=561910
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-65xpl
expires
-1
usersync
rtb.gumgum.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26uuid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1956552786
  • https://sync.1rx.io/usersync/tradedesk/af0b79bc-ef47-4a09-b899-adefd88c7f6e
  • https://sync.targeting.unrulymedia.com/csync/RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Fri, 09 Apr 2021 11:16:39 GMT
Server
Tengine
ETag
RXe634dfcb2c1440db97c62597c3efa643003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
Connection
keep-alive
Content-Type
text/html
us.gif
sync.go.sonobi.com/ 		49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26uuid%3D%5BUID%5D
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:37 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
sync.springserve.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26uuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0e512b6b-9925-11eb-a4c...
  • https://sync.springserve.com/usersync?aid=1000014&uuid=0e512b32-9925-11eb-a4c8-10d4c6b20406
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000014&uuid=0e512b32-9925-11eb-a4c8-10d4c6b20406
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:40 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

Date
Fri, 09 Apr 2021 11:16:39 GMT
Server
nginx
Location
https://sync.springserve.com/usersync?aid=1000014&uuid=0e512b32-9925-11eb-a4c8-10d4c6b20406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
135
Connection
keep-alive
Content-Length
0
verify
pbs.publishers.tremorhub.com/pubsync/
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26uuid%3D%5Btvid%5D
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26uuid%3D%5Btvid%5D
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26uuid%3D%5Btvid%5D
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:9a95:fbee:2d35:58d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:39 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26uuid%3D%5Btvid%5D
date
Fri, 09 Apr 2021 11:16:39 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
usersync
sync.springserve.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26uuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000016&uuid=6081579686087827243
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000016&uuid=6081579686087827243
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:39 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000016&uuid=6081579686087827243
date
Fri, 09 Apr 2021 11:16:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbsync
ads.yieldmo.com/ 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26uuid%3D%24UID
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.3.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A7FF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
309676
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A7FF 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
309647
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 05 Apr 2022 21:15:49 GMT
bea4c457395e8643e4b2b18f894e284f.jpg
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/bea4c457395e8643e4b2b18f894e284f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:06 GMT
server
sffe
age
5860
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30025
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0D8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskTjPBu4fpv0jAtVVekZZqq-Xq62GhLlG_iuSlpeK7cuQw2zu_4XtSVovYUmHQM5QkOXqW5xJqAvCnf6BzMBy61zkcUD6U3oC29-isecaalLu0lQQZdOY58y8Sg0_oZTM1albYj32Znm_Dscc0CKp3U3bHxvF8xtb-dfg4INX8G1ctvxNwRZvlTsrbJNmFt_OgSxPfUZ5nCaKJy2gNpp1a7dRltIHt-Tt1zPCwAUFBDWE4XXf9NtM5s_xZMECNm8o7W_ecu3CPOBgsGtX4ytWpR0kh66bJV2HJGHshth5Z_B4X4BKm&sig=Cg0ArKJSzJvb4WGm_zgdEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:37 GMT
sections
fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/ 		122 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/sections
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
5cdb424fda83855abfdfe087e9a57202da475399ff53e5129f44c96a1faabebd

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:37 GMT
Via
1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Cache
Miss from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
122
X-Amz-Cf-Id
linZYRDlBdwuBKhkgowWsRN8yoJAisAZYDsgeMY3YxxvJKqjX0O0Gw==
X-Request-Id
0b09abdd-fbe9-4770-ae91-b866be8fcdf6
truncated
/ 		751 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90a685b764319b1affe9d8bbba58a677879df5005479c12ffb078c4b4028d699

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
view
securepubads.g.doubleclick.net/pcs/ Frame C1F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1XV52B-ZlsHfSkkn6p7VmUaNAgvHmObB1_UHav43ircnd67J7U7qJZ0U7IyYRBpcWK8nytFlqNlvgJPFBbmse6WGxe2YdGbBhw8Dvz8-4vasJuyPcc36ivY-pbeO6BoC7WFy_5NcJzA1uudo_BGU9QNFKvg4t5E_D2ZoeJYFbtjfFqXA8ASdQcox-CdgQC2N6F_YqnW2N91ik-jgLBfIfnxPwkyuMwdQQDOIkM6Xzc_H52ga_E349i6x7ZINi1CiZWxv-WZhqDJUhxPWnWhgjywHPAB2Zz9k_kUCEyWTOaCN7jtk-&sig=Cg0ArKJSzAJGnR57WkEcEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 11:16:37 GMT
content.m3u8
fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/600K360AWS/SM/ 		1 KB
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/600K360AWS/SM/content.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
0105e535b6c134afd59a7ea134cf3a358919dc1a2827559225a26dd6a60d0e86

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:37 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
HAM50-C3
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.reviewjournal.com
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
554KWhOXicunbzzbTvRLHtKIISiUasMzq05jN44i2h-xzhcbHnKkOQ==
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
X-Request-Id
f6c391a7-729b-42be-87fe-382a17678744
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8B55 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26uuid%3D

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=98656
Expires
Sat, 10 Apr 2021 14:40:53 GMT
Date
Fri, 09 Apr 2021 11:16:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=8468301418355016956
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=8468301418355016956
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:37 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid
5fb84528-f85c-4a1b-9d8d-b70211a04f9a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=8468301418355016956
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3D202e0319-0434-436d-bd4b-0ec5980c791...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=8f536070-3795-4c00-9b7f-0cf5aa353051&expires=30&ssp=gumgum2&bsw_param=202e0319-0434-436d-bd4b-0ec5980c7912&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=bsw&i=202e0319-0434-436d-bd4b-0ec5980c7912
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=202e0319-0434-436d-bd4b-0ec5980c7912
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=202e0319-0434-436d-bd4b-0ec5980c7912
date
Fri, 09 Apr 2021 11:16:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
sync.outbrain.com/ Frame C152
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&obuid=ENC(nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DnLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAV...
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DnLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAV...
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=0e5a7c65-9925-11eb-b93a-1f6fc1874606&obUid=nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=0e5a7c65-9925-11eb-b93a-1f6fc1874606&obUid=nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ&rdrctExp=true
0
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=spotx&uid=0e5a7c65-9925-11eb-b93a-1f6fc1874606&obUid=nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ&rdrctExp=true
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:40 GMT
Cache-Control
no-cache
X-TraceId
a46c5de2e73ba870390cb8c1fc0059f3
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=spotx&uid=0e5a7c65-9925-11eb-b93a-1f6fc1874606&obUid=nLXs5deMM3k6Nqq-hNkfdeFVu8r8gwEoWzTHeBiiAVQ2CzWkMvtarlT0c2KfkirQ&rdrctExp=true
Date
Fri, 09 Apr 2021 11:16:40 GMT
X-TraceId
428fc4a0e5229adc171d4eef668bcec5
Content-Length
0
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=5aecbb5a-9209-42e5-9c21-b8a17a39ad86
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=5aecbb5a-9209-42e5-9c21-b8a17a39ad86
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 09 Apr 2021 11:16:37 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=5aecbb5a-9209-42e5-9c21-b8a17a39ad86
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-467d1417-d078-4045-528e-7bb8b1a48dba$ip$185.76.9.102
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-467d1417-d078-4045-528e-7bb8b1a48dba$ip$185.76.9.102
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-467d1417-d078-4045-528e-7bb8b1a48dba$ip$185.76.9.102
Date
Fri, 09 Apr 2021 11:16:45 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-.8o5jiFE2pdBBNPLq7SKbqmCUahlC3dcnOZU~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-.8o5jiFE2pdBBNPLq7SKbqmCUahlC3dcnOZU~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 09 Apr 2021 11:16:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-.8o5jiFE2pdBBNPLq7SKbqmCUahlC3dcnOZU~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=116e8fe5-9925-11eb-b0c5-e98da5f7f1ff
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=116e8fe5-9925-11eb-b0c5-e98da5f7f1ff
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=116e8fe5-9925-11eb-b0c5-e98da5f7f1ff
Date
Fri, 09 Apr 2021 11:16:44 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
116e8fe6-9925-11eb-b0c5-e98da5f7f1ff
services
sync.technoratimedia.com/ Frame C152 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:44 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
253923737
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame C152 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:44 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:45 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=36dab738-6709-4fc8-99fe-436b6647d4ed
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=36dab738-6709-4fc8-99fe-436b6647d4ed
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=36dab738-6709-4fc8-99fe-436b6647d4ed
date
Fri, 09 Apr 2021 11:16:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
sync.targeting.unrulymedia.com/csync/ Frame C152
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6295553668
  • https://sync.1rx.io/usersync/tradedesk/af0b79bc-ef47-4a09-b899-adefd88c7f6e
  • https://sync.targeting.unrulymedia.com/csync/RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.147.151 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:39 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:38 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-e634dfcb-2c14-40db-97c6-2597c3efa643-003
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
usersync
rtb.gumgum.com/ Frame C152
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=pSMjDcY9hcua&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=pSMjDcY9hcua&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:39 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=pSMjDcY9hcua&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-wcdsb
expires
-1
usersync
sync.springserve.com/ Frame C152 		43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000004&uuid=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 11:16:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
content-type
image/gif
usersync
rtb.gumgum.com/ Frame 711E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=8f536070-3795-4c00-9b7f-0cf5aa353051&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=8f536070-3795-4c00-9b7f-0cf5aa353051&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=8f536070-3795-4c00-9b7f-0cf5aa353051&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 09 Apr 2021 11:16:37 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x25
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=8f536070-3795-4c00-9b7f-0cf5aa353051; domain=.mathtag.com; path=/; expires=Sat, 07-May-2022 11:16:37 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=8f536070-3795-4c00-9b7f-0cf5aa353051&gdpr=&gdpr_consent=
Expires
Fri, 09 Apr 2021 11:16:36 GMT
usersync
rtb.gumgum.com/ Frame 1009
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
  • https://rtb.gumgum.com/usersync?b=atm&i=YHA3nAAAAh084gAJ&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YHA3nAAAAh084gAJ&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YHA3nAAAAh084gAJ&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 09 Apr 2021 11:16:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YHA3nAAAAh084gAJ&gdpr=&gdpr_consent=&_test=YHA3nAAAAh084gAJ
accept-ranges
bytes
date
Fri, 09 Apr 2021 11:16:44 GMT
via
1.1 varnish
x-served-by
cache-hhn4060-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1617967005.864697,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame F92D 		170 B
506 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wOGEzYjQ3Ny02ZTc2LTRiZGQtYTYxZi0yYjkxMDgwODVkOGU=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8wOGEzYjQ3Ny02ZTc2LTRiZGQtYTYxZi0yYjkxMDgwODVkOGU=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlQShvQvdtNBDqFDij_RvWpejkISLWG2Pt3qidvfPI0A7LlniXm0u7-qOAdQhk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Fri, 09 Apr 2021 11:16:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 34C5 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=17610
Expires
Fri, 09 Apr 2021 16:10:07 GMT
Date
Fri, 09 Apr 2021 11:16:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 7809
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=af0b79bc-ef47-4a09-b899-adefd88c7f6e&t=1620558997
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=af0b79bc-ef47-4a09-b899-adefd88c7f6e&t=1620558997
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=af0b79bc-ef47-4a09-b899-adefd88c7f6e&t=1620558997
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_08a3b477-6e76-4bdd-a61f-2b9108085d8e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 09 Apr 2021 11:16:37 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=af0b79bc-ef47-4a09-b899-adefd88c7f6e&t=1620558997
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=af0b79bc-ef47-4a09-b899-adefd88c7f6e; domain=.adsrvr.org; expires=Sat, 09-Apr-2022 11:16:37 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwjwwJvE9dS9ORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Sat, 09-Apr-2022 11:16:37 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame B1F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Fri, 09 Apr 2021 11:16:44 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 9F7C
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YHA3ncCo8XMAAIerASUAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YHA3ncCo8XMAAIerASUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YHA3ncCo8XMAAIerASUAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 09 Apr 2021 11:16:45 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Fri, 09 Apr 2021 11:16:45 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YHA3ncCo8XMAAIerASUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
1
X-SO-HostName
a-ad40327.dc2p.scaleout.jp
X-SO-LB-Hostname
m-tgng15.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":11,"gdpr":true,"ipv4":"0.0.0.0","key":"YHA3ncCo8XMAAIerASUAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40327"}
X-SO-Key
YHA3ncCo8XMAAIerASUAAAAA
X-SO-IP
185.76.9.102
X-SO-Cluster-ID
11
X-SO-Upstream-ID
a-ad40327
usersync
rtb.gumgum.com/ Frame E24D
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1871878969067474966
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1871878969067474966
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1871878969067474966
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 09 Apr 2021 11:16:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 09 Apr 2021 11:16:44 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmhuaWZuYGBibmoOABsF1o0QAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 4 May 2022 11:16:44 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwByILSzNLAzNzE3MTSzMzIT5DXbNkF7d0_0r_wORMXyleQzNDc0szcwMDE3NTcwAwo1VPNAAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 4 May 2022 11:16:44 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwByILSzNLAzNzE3MTSzMzIT5DXbNkF7d0_0r_wORMXwBfOIHnJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1871878969067474966
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame CCA1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=pkIBs7xlCefiddjMJnPx&pi=gumgum&tc=1
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=pkIBs7xlCefiddjMJnPx&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.212.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=pkIBs7xlCefiddjMJnPx&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 09 Apr 2021 11:16:44 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 09 Apr 2021 11:16:44 GMT Fri, 09 Apr 2021 11:16:44 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=pkIBs7xlCefiddjMJnPx&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8B55 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=25319674&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:37 GMT
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame A515 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=98656
Expires
Sat, 10 Apr 2021 14:40:53 GMT
Date
Fri, 09 Apr 2021 11:16:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
activeview
pagead2.googlesyndication.com/pcs/ Frame 2EB7 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPYVJMwWq843I5HKnOpCq0VkiTLgI6qtl0LpnwXsjGEPknQ0UoV55LJe9wYRCTmMARw0XGN7ChJVscJ3syNQQd6ct5XWCx4VokiCMH7Eo&sig=Cg0ArKJSzEpsBr32IQrVEAE&id=osdim&mcvt=1005&p=214,315,464,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1219627725&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1617966995745&dlt=13&rpt=1&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sections
fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/ 		311 B
765 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/sections
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
b45162adf2166c9009600c9606247135ac41553844c6cfc585b7ca2a8c8bbe3e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:37 GMT
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Cache
Miss from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
311
X-Amz-Cf-Id
SsWuSrt6y48hOaiK4z6LyoH3Fiht0Pi5zMx5j0-n_DKf19oS1sn6SQ==
X-Request-Id
2cc25ffb-0774-4450-af4f-7c8c35143e37
b21b720d-f259-49c4-8755-168f9ab35a3c
https://www.reviewjournal.com/ 		52 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.reviewjournal.com/b21b720d-f259-49c4-8755-168f9ab35a3c
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97bca0cfa74fdf9e933e103f53565dbacf9f4c6c58c16017ca1321a62f24a3a1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
52742
Content-Type
application/javascript
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_600K360AWS_s_00001.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_600K360AWS_s_00001.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=0&v=600K360AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=0&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ffb629c0f843dee0a01d32d8bbb56cf0ede97415e14b5a758070874e435f513

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 01:59:51 GMT
Via
1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33407
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1528064
Last-Modified
Fri, 09 Apr 2021 01:51:32 GMT
Server
AmazonS3
ETag
"aa2d85063e995fca9537faaa51735c07"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
eJfljthYfyc1da_08tMS25DKhCKFZpSEjfjvpiu1XjDTCHpE6rVmlQ==
index.js
d1wa9546y9kg0n.cloudfront.net/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.182.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 09:21:49 GMT
Via
1.1 17b6d0f022cb338e07d6581877453bb0.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
7041
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
fCq79p6TvwYfQGx5Cu7grgNra06piL7u2cJ5u_bZx9XrApWGrEp1Ng==
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D8E 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSCUZMgBGqI_v6wqr0_vpK04Bw8x4wb_mf74dgimNuLRMBZVMjG6l0KZUtALGwPlc-eV7IZ4V0qMbeYtm3-h7F6qLZVoYXf0G8MiziN5Y&sig=Cg0ArKJSzPQapNJMIwZpEAE&id=osdim&mcvt=1000&p=549,1100,1149,1400&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210407&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=409593402&rs=4&met=ie&la=0&cr=0&osd=1&vs=4&rst=1617966995807&dlt=30&rpt=1&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_600K360AWS_s_00002.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_600K360AWS_s_00002.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=1&v=600K360AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=1&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b72fa13b7e20af8f5f57361ec73deac3aedff55dcfe2dbd3f44ffecdf433d51a

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:00:22 GMT
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33377
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1186844
Last-Modified
Fri, 09 Apr 2021 01:51:34 GMT
Server
AmazonS3
ETag
"d14dcb4d7bdbf8435201889006e626c0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
14bllTwhz0jn-RIFxpBd1ben8AlKvayAILZ0KMoDgyuia6zfDVxmFg==
collect
www.google-analytics.com/j/ 		2 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=239974910&t=event&ni=True&_s=1&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ul=en-us&de=UTF-8&dt=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=channelStart&el=7%20at%207%20-%20Articles&_u=aGjAAEABAAAAAG~&jid=375875890&gjid=681741181&cid=1035772386.1617966993&tid=UA-77901017-1&_gid=1044908547.1617966995&_r=1&gtm=2wg3v0WJQX3C&cd12=0&cd14=1&cd17=7395798e-4c30-417b-8b1a-b3d7bad8ff98&cd19=7%20at%207%20-%20Articles&cm3=1&z=470328542
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=375875890&gjid=681741181&_gid=1044908547.1617966995&_u=aGjAAEABAAAAAG~&z=1510703049
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 11:16:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=375875890&_u=aGjAAEABAAAAAG~&z=148820469
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=375875890&_u=aGjAAEABAAAAAG~&z=148820469
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content.m3u8
fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/3500K720AWS/SM/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/3500K720AWS/SM/content.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
d16ba9fa3fd29705bfb24e0361f59fe3515d6a4c2f07e8a8992db9f52d50542a

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:38 GMT
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Amz-Cf-Id
_5sMuArPZeRXmaEyE4f-BxCXt8BddoeTCoO1DKbSOKJHMIZIRHSqJA==
X-Request-Id
2979f173-4a45-469e-b345-c85f6b9ae480
d8470e1b061f9dd12cc6669267ae471b.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/d8470e1b061f9dd12cc6669267ae471b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:11 GMT
server
sffe
age
3
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4113
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:35 GMT
99b3f553edd2d53852afacc7c8308d33.png
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/99b3f553edd2d53852afacc7c8308d33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:10 GMT
server
sffe
age
4
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
620f6a280c27d1ef7d0d1e89228b1e55.png
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/620f6a280c27d1ef7d0d1e89228b1e55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:11 GMT
server
sffe
age
4
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00002.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		5 MB
5 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00002.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=1&v=3500K720AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=1&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48f20e70b233fbc589ba9f2480a319a6fad6ce0dc63c95927bddced4e97f2fd7

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:01:30 GMT
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33310
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5641128
Last-Modified
Fri, 09 Apr 2021 01:52:57 GMT
Server
AmazonS3
ETag
"49aab0bc825f002a8f87ba2e7096f9a0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
iaXm_aLSTBjmuMGQv6KfaIiZ3jRoSx5K96OrtJ_G76mHSpX7KyMDpA==
d8470e1b061f9dd12cc6669267ae471b.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/d8470e1b061f9dd12cc6669267ae471b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
age
4
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4113
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:35 GMT
99b3f553edd2d53852afacc7c8308d33.png
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/99b3f553edd2d53852afacc7c8308d33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
age
5
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
620f6a280c27d1ef7d0d1e89228b1e55.png
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/620f6a280c27d1ef7d0d1e89228b1e55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
age
5
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
sections
fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/ 		311 B
765 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/sections
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
b45162adf2166c9009600c9606247135ac41553844c6cfc585b7ca2a8c8bbe3e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:39 GMT
Via
1.1 85e4c30db6ed9459bdead04635e1ab69.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Cache
Miss from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
311
X-Amz-Cf-Id
LFZnTpxPayd6CuWGz7szqjQe1RRN7pa7iKL5cSeJWWiyaXgKKLbn1A==
X-Request-Id
42c32dff-99bf-4a19-8df6-bf9ecf81cb9b
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00002.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		5 MB
5 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00002.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=1&v=3500K720AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=1&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
48f20e70b233fbc589ba9f2480a319a6fad6ce0dc63c95927bddced4e97f2fd7

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:01:30 GMT
Via
1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33310
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5641128
Last-Modified
Fri, 09 Apr 2021 01:52:57 GMT
Server
AmazonS3
ETag
"49aab0bc825f002a8f87ba2e7096f9a0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
bTvCDWCOcU4eZ-4bpBF48fc58KecCz_kGJCH9mRtNOTkG7oeiSxH3w==
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00003.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		5 MB
5 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00003.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=2&v=3500K720AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=2&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5a48bbf1ed8d5b1b54fa130451dd8aa78499947cfe0b24ab467a0e7c3c77dfa

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:01:33 GMT
Via
1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33308
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5554084
Last-Modified
Fri, 09 Apr 2021 01:53:01 GMT
Server
AmazonS3
ETag
"5d2ac8de623111eab89cb69279e030cf"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
1IOfO6nm7i65pZKvYF6ATnYewvL19HDZYjVpnRYa1sC_SUltk1hAdQ==
ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159745&rdf=1
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODRERjBBRDItNzY5Ni00MkJDLUJGMEMtREU3MThDMDRDNEZB&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODRERjBBRDItNzY5Ni00MkJDLUJGMEMtREU3MThDMDRDNEZB&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:40 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 09 Apr 2021 11:16:41 GMT
X-lat
lhrpug011:0:358
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Connection
keep-alive
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=0d3929b3-a213-40a2-b174-e3e8ed0394b5&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=0d3929b3-a213-40a2-b174-e3e8ed0394b5&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF893uS1XIGetEuuNyKVWVM&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF893uS1XIGetEuuNyKVWVM&google_cver=1
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:41 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF893uS1XIGetEuuNyKVWVM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bea4c457395e8643e4b2b18f894e284f.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/bea4c457395e8643e4b2b18f894e284f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5864
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30025
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:56 GMT
d28247ea50a92408573177a0edd7bd11.png
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/d28247ea50a92408573177a0edd7bd11.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a1dc536745ed7df8e60c04b0489378be61ba62d0f04cd58c0e9c872eedb2ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5865
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2004
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
9b3dd496ff0a838c64a4614bc856356d.png
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/9b3dd496ff0a838c64a4614bc856356d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc4d0f009cb06307dc53a26ae5d77967107e906d1d159d635547df7f419bd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5865
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5534
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
600814432
ixf2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000166726/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ixf2-api.bc0a.com/api/ixf/1.0.0/get_capsule/f00000000166726/600814432?client=js_sdk&client_version=1.4.6&orig_url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&base_url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.153.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.153.244.35.bc.googleusercontent.com
Software
Apache /
Resource Hash
f55f90380dcf06705f00f8b4f8c984fc095a893ecd5f14c829b1d5906441685e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:40 GMT
content-encoding
gzip
last-modified
Wed, 15 Jan 2020 01:20:05 GMT
server
Apache
etag
"2368fe2-1f6c-59c238227fb40"
vary
Accept-Encoding,User-Agent
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
clear
content-length
1467
via
1.1 google
a97979beb27ca9829d1a4b363f882536.jpg
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/a97979beb27ca9829d1a4b363f882536.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce9039702aecad4537fcd24409559d2f44e63577d1003737b0d350a2569e8f44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
age
4
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39089
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
aad4043e07fc5c213215b4b87bc1db57.png
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/aad4043e07fc5c213215b4b87bc1db57.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18ea99233fd28b8814cf858d8da55e8f166546581a9449503397235ddab3168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
age
4
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6703
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
896da8d9240cab967ec6067b37dde7f5.png
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/896da8d9240cab967ec6067b37dde7f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d3737fb32e9f49c26c5c64c5fedd24c40c873b67ecb30760e5771b2edc18b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
age
4
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4258
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
conv_v3.js
cdn.b0e8.com/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.b0e8.com/conv_v3.js
Requested by
Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.5.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
192.5.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
afdd29778a35ecf1638fc1c8bee1d4f7843d437d01b5db08cdf364da6b0edeaf

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:55:07 GMT
content-encoding
gzip
age
1294
x-guploader-uploadid
ABg5-UzxADRWbb8aqbcJcm6Eh1bDhKpjfKytNbI6cy8dvCHTMtXq1dEFWc6F0TcjqudtvQihUe0Zcm46FOLm4ZpKxJqdAX3wwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
21570
last-modified
Fri, 07 Aug 2020 06:51:36 GMT
server
UploadServer
etag
"befb3eb28cd6dd99609966faf9c239e0"
vary
Accept-Encoding
x-goog-hash
crc32c=kqf0jw==, md5=vvs+sozW3ZlgmWb6+cI54A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1596783096708452
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
21570
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 11:55:07 GMT
bea4c457395e8643e4b2b18f894e284f.jpg
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/bea4c457395e8643e4b2b18f894e284f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:06 GMT
server
sffe
age
5863
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30025
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
10466daac42ec15f5f479cb1915cde3e.png
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/10466daac42ec15f5f479cb1915cde3e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd37b323f243da9dbda110388b0d80cb4cffce2e1aaf5fe01871f96a5ebd25c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:05 GMT
server
sffe
age
5863
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2247
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
brightedge3.php
a.b0e8.com/ 		35 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.b0e8.com/brightedge3.php?id=f00000000166726&p_id=A88RAAL4JLR4RJAANAL48L44RAAAAAAAAH&bf=a6f629548a3c08e64997d538a7e828bc&url=https%3A//www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ref=&bn=1&bv=3.43&title=Nevada%u2019s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&metadesc=Nevada%20on%20Thursday%20reported%20386%20new%20coronavirus%20cases%20and%20five%20additional%20deaths%2C%20according%20to%20data%20from%20the%20Department%20of%20Health%20and%20Human%20Services.&metakeywords=&s_id=A88RAAL4JLR4R8426P448L44RAAAAAAAAH
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.105.148 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:41 GMT
via
1.1 google
server
Apache
x-debug
default
content-type
image/gif
accept-ranges
bytes
alt-svc
clear
content-length
35
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00004.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		5 MB
5 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00004.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=3&v=3500K720AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=3&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c18a28941b1dc220aba8bd15c60e1ee76ad90cf81e7a66acd784d3e4c801bdd

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:01:35 GMT
Via
1.1 dad44092e95c7e3e18abc391b2ada473.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33307
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5558032
Last-Modified
Fri, 09 Apr 2021 01:53:05 GMT
Server
AmazonS3
ETag
"e44a460e32fb4dd070eb874b4394cbe8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
YRJ0nLK9G0xU0fFVi0fmVvCyVJUdTNScmbMrrBC0dqFZNmOh0FSd6A==
d8470e1b061f9dd12cc6669267ae471b.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/d8470e1b061f9dd12cc6669267ae471b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:11 GMT
server
sffe
age
7
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4113
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:35 GMT
99b3f553edd2d53852afacc7c8308d33.png
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/99b3f553edd2d53852afacc7c8308d33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:10 GMT
server
sffe
age
8
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
620f6a280c27d1ef7d0d1e89228b1e55.png
s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/ Frame E928 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/media/620f6a280c27d1ef7d0d1e89228b1e55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900490783/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:11 GMT
server
sffe
age
8
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
d8470e1b061f9dd12cc6669267ae471b.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/d8470e1b061f9dd12cc6669267ae471b.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
age
8
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4113
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:35 GMT
99b3f553edd2d53852afacc7c8308d33.png
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/99b3f553edd2d53852afacc7c8308d33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
age
9
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
620f6a280c27d1ef7d0d1e89228b1e55.png
s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/ Frame F746 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/media/620f6a280c27d1ef7d0d1e89228b1e55.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900509161/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:48:29 GMT
server
sffe
age
9
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1696
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:34 GMT
bea4c457395e8643e4b2b18f894e284f.jpg
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/bea4c457395e8643e4b2b18f894e284f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5868
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30025
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:56 GMT
d28247ea50a92408573177a0edd7bd11.png
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/d28247ea50a92408573177a0edd7bd11.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30a1dc536745ed7df8e60c04b0489378be61ba62d0f04cd58c0e9c872eedb2ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5869
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2004
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
9b3dd496ff0a838c64a4614bc856356d.png
s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/ Frame 792F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/media/9b3dd496ff0a838c64a4614bc856356d.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc4d0f009cb06307dc53a26ae5d77967107e906d1d159d635547df7f419bd1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617900719272/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:51:59 GMT
server
sffe
age
5869
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5534
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:55 GMT
a97979beb27ca9829d1a4b363f882536.jpg
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/a97979beb27ca9829d1a4b363f882536.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce9039702aecad4537fcd24409559d2f44e63577d1003737b0d350a2569e8f44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
age
8
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39089
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
aad4043e07fc5c213215b4b87bc1db57.png
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/aad4043e07fc5c213215b4b87bc1db57.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b18ea99233fd28b8814cf858d8da55e8f166546581a9449503397235ddab3168
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
age
8
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6703
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
896da8d9240cab967ec6067b37dde7f5.png
s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/ Frame 330C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/media/896da8d9240cab967ec6067b37dde7f5.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09d3737fb32e9f49c26c5c64c5fedd24c40c873b67ecb30760e5771b2edc18b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617899791678/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 16:36:31 GMT
server
sffe
age
8
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4258
x-xss-protection
0
expires
Sat, 10 Apr 2021 11:16:36 GMT
bea4c457395e8643e4b2b18f894e284f.jpg
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/bea4c457395e8643e4b2b18f894e284f.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:06 GMT
server
sffe
age
5867
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30025
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
10466daac42ec15f5f479cb1915cde3e.png
s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/ Frame A7FF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/media/10466daac42ec15f5f479cb1915cde3e.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd37b323f243da9dbda110388b0d80cb4cffce2e1aaf5fe01871f96a5ebd25c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/520018/5008118787/1617902165905/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 09:38:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 17:16:05 GMT
server
sffe
age
5867
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2247
x-xss-protection
0
expires
Sat, 10 Apr 2021 09:38:57 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.127&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&f_es6=1&f_gears=2&tvltm=17&f_privb=1&tid=b3de3a3d-03ec-4153-99c0-d88695eda0d4&pid=deeea6fe-5080-4dec-9af1-56af8b19bdee&dtm=1617967005043&qnm=_matherq&visible=1&tabid=d03bb76d-ee46-4878-a688-d72c02a1a325&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&vp=1600x1200&ds=1600x7228&tofa=1617967005&vid=1&lvidt=1617967005&duid=e5a5b554d7251a0c&fp=1072425006&cid=ma54884&mrk=233443800&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxNzk2Njk5MTUyMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTI5MiIsImZldGNoUyI6IjIyNSIsImRvbWFpblMiOiIyMjYiLCJkb21haW5FIjoiMjI2IiwiY29ublMiOiIyMjYiLCJjb25uRSI6IjI4NSIsInNzbFMiOiIyNTQiLCJyZXF1UyI6IjI4NSIsInJlc3BTIjoiOTQwIiwicmVzcEUiOiIxMTQ5IiwiZG9tTG9hZCI6Ijk0MyIsImRvbUludGVyIjoiMTg1MyIsImRvbUxvYWRTIjoiMTg5OCIsImRvbUxvYWRFIjoiMTkwMCJ9fQ
Requested by
Host: www.reviewjournal.com
URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:45 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
p
i.simpli.fi/ 		746 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=190723&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/d4783370-567b-0138-6adb-06659b33d47c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
Software
/
Resource Hash
da4c2c90367ae15a66b1c9d31206e9d865390bc2dde6606ea533711eda60ed75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache, no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Fri, 09 Apr 2021 11:16:45 GMT
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040101&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31823883def496c4972a1df9904feb98eb066befc93cf2ed25f2688cdd762432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 11:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6635
x-xss-protection
0
beacon.gif
rum-collector-2.pingdom.net/img/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rum-collector-2.pingdom.net/img/beacon.gif?id=5bef16287e84eb00160004bc&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=226&cE=285&dLE=226&dLS=226&fS=225&hS=254&rE=-1&rS=-1&reS=285&resS=940&resE=1149&uEE=-1&uES=-1&dL=943&dI=1853&dCLES=1898&dCLEE=1900&dC=14279&lES=14279&lEE=14288&s=nt&title=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&path=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F&ref=&sId=4zsw88fp&sST=1617967005&sIS=1&rV=0&v=1.4.1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.165.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:46 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 11:16:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7E7B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.reviewjournal.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.reviewjournal.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 09 Apr 2021 11:13:32 GMT
expires
Sat, 09 Apr 2022 11:13:32 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
193
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=EB88AA5EDF704EC0B544584DB223CE5D
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:9a95:fbee:2d35:58d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://simplifi.partners.tremorhub.com/sync?UISF=EB88AA5EDF704EC0B544584DB223CE5D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EB88AA5EDF704EC0B544584DB223CE5D
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EB88AA5EDF704EC0B544584DB223CE5D
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/png
alt-svc
clear
content-length
95

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EB88AA5EDF704EC0B544584DB223CE5D
alt-svc
clear
content-length
0
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EB88AA5EDF704EC0B544584DB223CE5D
  • https://d.agkn.com/pixel/10751/?che=1617967006&ip=185.76.9.102&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165010903751000576680
  • https://um.simpli.fi/aa_px?sk=165010903751000576680
43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/aa_px?sk=165010903751000576680
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 08 Apr 2021 11:16:47 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:47 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://um.simpli.fi/aa_px?sk=165010903751000576680
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
nexage
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 08 Apr 2021 11:16:46 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EB88AA5EDF704EC0B544584DB223CE5D
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-75.ham50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EB88AA5EDF704EC0B544584DB223CE5D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
pubmatic
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 08 Apr 2021 11:16:46 GMT
freewheel
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 08 Apr 2021 11:16:46 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=EB88AA5EDF704EC0B544584DB223CE5D;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=EB88AA5EDF704EC0B544584DB223CE5D;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7604335014599805307
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7604335014599805307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.179.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-179-75.ham50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:45 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=7604335014599805307
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=EB88AA5EDF704EC0B544584DB223CE5D&j=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=EB88AA5EDF704EC0B544584DB223CE5D&j=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=EB88AA5EDF704EC0B544584DB223CE5D&j=0
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
yahoo
um.simpli.fi/ 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 08 Apr 2021 11:16:46 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=EB88AA5EDF704EC0B544584DB223CE5D
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 09 Apr 2021 11:16:46 GMT

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://sync.bfmio.com/sync?pid=141&uid=EB88AA5EDF704EC0B544584DB223CE5D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=EB88AA5EDF704EC0B544584DB223CE5D
62 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-152-128.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:46 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
3157
Content-Type
image/gif

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://stags.bluekai.com/site/29931?id=EB88AA5EDF704EC0B544584DB223CE5D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
tpid=EB88AA5EDF704EC0B544584DB223CE5D
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EB88AA5EDF704EC0B544584DB223CE5D
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EB88AA5EDF704EC0B544584DB223CE5D
49 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:47 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.11.165
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:47 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EB88AA5EDF704EC0B544584DB223CE5D
cache-control
no-cache
x-server
10.45.5.179
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=EB88AA5EDF704EC0B544584DB223CE5D
  • https://ce.lijit.com/merge?pid=2&3pid=EB88AA5EDF704EC0B544584DB223CE5D&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=EB88AA5EDF704EC0B544584DB223CE5D&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:47 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:47 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=EB88AA5EDF704EC0B544584DB223CE5D&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EB88AA5EDF704EC0B544584DB223CE5D
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:47 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://idsync.rlcdn.com/419566.gif?partner_uid=EB88AA5EDF704EC0B544584DB223CE5D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1617967005838&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nTdwYM_LN6WL7_UPsu-SqAk&cid=CAQSKQCNIrLMa99a5Q2FVz7o5ZKLPRnhP4SSSDpOlg1TS4a4PvPhbOv0CCoM&random=2553120659&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1583908523&cv=7&fst=1617967005838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=nTdwYM_LN6WL7_UPsu-SqAk&cid=CAQSKQCNIrLMa99a5Q2FVz7o5ZKLPRnhP4SSSDpOlg1TS4a4PvPhbOv0CCoM&random=2553120659&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EB88AA5EDF704EC0B544584DB223CE5D
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EB88AA5EDF704EC0B544584DB223CE5D&__user_check__=1&sync_id=121b2172-9925-11eb-90c0-1df4c96b0a06
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EB88AA5EDF704EC0B544584DB223CE5D&__user_check__=1&sync_id=121b2172-9925-11eb-90c0-1df4c96b0a06
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:46 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
122
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Fri, 09 Apr 2021 11:16:46 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=EB88AA5EDF704EC0B544584DB223CE5D&__user_check__=1&sync_id=121b2172-9925-11eb-90c0-1df4c96b0a06
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
47
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=EB88AA5EDF704EC0B544584DB223CE5D
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEB88AA5EDF704EC0B544584DB223CE5D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEB88AA5EDF704EC0B544584DB223CE5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:46 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid
e54b557d-ee24-4083-ad71-c2f65458636d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 11:16:46 GMT
X-Proxy-Origin
185.76.9.102; 185.76.9.102; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid
f4306ff5-a52e-41d7-997d-5629beb390a0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEB88AA5EDF704EC0B544584DB223CE5D
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EB88AA5EDF704EC0B544584DB223CE5D&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EB88AA5EDF704EC0B544584DB223CE5D&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EB88AA5EDF704EC0B544584DB223CE5D&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 08 Apr 2021 11:16:46 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EB88AA5EDF704EC0B544584DB223CE5D
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EB88AA5EDF704EC0B544584DB223CE5D
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EB88AA5EDF704EC0B544584DB223CE5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EB88AA5EDF704EC0B544584DB223CE5D
date
Fri, 09 Apr 2021 11:16:46 GMT
via
1.1 google
server
OXGW/16.205.50
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEFqT68IZDbuAYRLKOFd_pOk&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EB88AA5EDF704EC0B544584DB223CE5D
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 08 Apr 2021 11:16:46 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Fri, 09 Apr 2021 11:16:45 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		351 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e6f5bac4b7440b325a1343537482aa673a01bfe50059325778f907eb357da07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
4CD1338C-A8FE-459B-ADB3-1BBD836BCA5F
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Fri, 09 Apr 2021 11:16:45 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
351
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 7E7B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 19:32:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
56674
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Fri, 08 Apr 2022 19:32:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040101&jk=1562186486989213&bg=!BQalBkLNAAY56aLOOek7ACkAdvg8WkHbHZh5lGr-8m0wQI_3uuFkS5PTK7otl_0U9EeggB_76Mq5KgIAAACvUgAAABJoAQcKAGJEn0k6eIk20ibLcFochOI1ituD4I32-LsX7v5ZA24BiVB5bXohUnDWyVPwfZ_b0stlbveUXPgm1qbbLy3w1sPBXAZD9pYjdSGMi5IHq_DktMZr9ADMSHCqZ4Q8e0ESV278A5kB6SC4_aqQS7_wPOszqTcTNVLFuVjXF7boJdVowOlJBvj_C1BHi-nZ6LE_M8EHBDqwHmwWlNDz8RlDd_1aP6VKNVZ2svHYAHDXRqZsiw71LGKBVvw-BQomyhCOb9dN0yV4xRPPuvMB6dX7DoTwgkX9bb_pGQ4c1_vKZVU3Wtqz6kVj67b-cpE8bYJAQzUrphSAjN5ud_dZIOW4-tvpOcl53m3HpSrEjPXdyZ177PGm-wU-6pMol7N7CmP1CLgvLKhFyt1DtkoTjSR6j9x-P-QV-J9zIDHXrm7APX8mUNYVQh8ZTwcZFyAwkR10cuUzF2s4_iG-NDUFqPnnP_VgxcJq-CIlxBrhWy-ZN5WA6ezK7kk2tiG40O4qQVKBJjtW5g9A7JqEuVTYDitsiPpdT-HaKwX8eJyPp1mUcLRkwiNgXuzEB4Zj361i7amGF95ACgEH2pW_rbPv42FN1jYM_eu7KUum1KSx8GV_AvcUXiPRMdIavOCiGruJJVrvDYNrhhX0QqPqFY7ic7REBzeYaoLa5zYdgbSvENqu_0PtvGVzQpC4rrIFoXcY-3HaEaYfs6OfNfnjbWTtCa-h-3zOBMREfm-NU0_aoT7f24LptYM7PlXpIrTV9SUj7ZJSEL0yFj1pju99mmfRgUB0rA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
content.m3u8
fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/3500K720AWS/SM/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/3500K720AWS/SM/content.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
0f60aa356984ddc3cc966757fb72ec82d1df100badb4b3b8f11a1d27a6641617

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:46 GMT
Via
1.1 ccc3c8305c079db66ab9ac68a1ea9cd9.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Amz-Cf-Id
UzEju_oBN5HL3o-FsfbV01lQd7ZxHZ8NMfZBnIZz3I4qUos9vEuCgA==
X-Request-Id
d2a548a8-ecc1-49d8-aad1-dbf42334b2a5
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=239974910&t=event&ni=True&_s=1&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ul=en-us&de=UTF-8&dt=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=start&el=7%407PM%20for%20Thursday%2C%20April%208%2C%202021&_u=aGjAAEABAAAAAG~&jid=1372834190&gjid=1635126662&cid=1035772386.1617966993&tid=UA-77901017-1&_gid=2101389143.1617967007&_r=1&gtm=2wg3v0WJQX3C&cd12=0&cd14=1&cd15=content&cd16=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&cd17=7395798e-4c30-417b-8b1a-b3d7bad8ff98&cd18=7%407PM%20for%20Thursday%2C%20April%208%2C%202021&cd19=7%20at%207%20-%20Articles&cm4=1&z=542084324
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pos
fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/ 		2 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/pos?f=0&t=8.730887
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:47 GMT
Via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Cache
Miss from cloudfront
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Amz-Cf-Id
W1GMfhfYPbghGUj_ePmezWAGG5-19458AHewxQBmXFUZSXG_ND6XYw==
X-Request-Id
06d34e0d-ee85-4ae0-b496-e8ad7b71b2d6
collect
www.google-analytics.com/ 		35 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=239974910&t=event&ni=True&_s=1&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ul=en-us&de=UTF-8&dt=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=duration&el=7%407PM%20for%20Thursday%2C%20April%208%2C%202021&_u=aGjAAEABAAAAAG~&jid=&gjid=&cid=1035772386.1617966993&tid=UA-77901017-1&_gid=2101389143.1617967007&gtm=2wg3v0WJQX3C&cd12=0&cd14=1&cd15=content&cd16=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&cd17=7395798e-4c30-417b-8b1a-b3d7bad8ff98&cd18=7%407PM%20for%20Thursday%2C%20April%208%2C%202021&cd19=7%20at%207%20-%20Articles&cm1=8.730887&z=1151543945
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4389
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=1372834190&gjid=1635126662&_gid=2101389143.1617967007&_u=aGjAAEABAAAAAG~&z=2127187100
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 11:16:46 GMT
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=1372834190&_u=aGjAAEABAAAAAG~&z=1494181773
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=1372834190&_u=aGjAAEABAAAAAG~&z=1494181773
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p1.parsely.com/plogger/?rand=1617967007028&plid=12737107&idsite=lasvegasreviewjournal.com&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3Anull%7D&sid=1&surl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&sref=&sts=1617967007027&slts=0&date=Fri+Apr+09+2021+13%3A16%3A47+GMT%2B0200+(Central+European+Summer+Time)&action=heartbeat&inc=5&tt=4900&u=pid%3D07bf6cdefeae8343b93fe7d9cd046884
Requested by
Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/lasvegasreviewjournal.com/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:47 GMT
Cache-Control
no-cache
Last-Modified
Friday, 09-Apr-2021 11:16:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1617967007033&plid=12737107&idsite=lasvegasreviewjournal.com&url=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3Anull%7D&sid=1&surl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&sref=&sts=1617967007027&slts=0&title=Nevada%E2%80%99s+COVID+positivity+rate+rises+for+4th+straight+day+%7C+Las+Vegas+Review-Journal&date=Fri+Apr+09+2021+13%3A16%3A47+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=41492330&u=pid%3D07bf6cdefeae8343b93fe7d9cd046884
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:47 GMT
Cache-Control
no-cache
Last-Modified
Friday, 09-Apr-2021 11:16:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00005.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		5 MB
5 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00005.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=4&v=3500K720AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=4&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f78335168b725da10741e64a58f54d05a13fb6cbe574a253062eb76dafcc69d8

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:01:38 GMT
Via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33310
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5414776
Last-Modified
Fri, 09 Apr 2021 01:53:09 GMT
Server
AmazonS3
ETag
"56ac7cd52fdf0c1a3268d06271a27481"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
78POs29E8Za-vdZ7ZbC6IxSrwniRK0KlMpU2uYVvrmZmjS0LHZl88w==
5c9a8e78761af0081c8255c5
events.launchdarkly.com/events/bulk/ 		0
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5c9a8e78761af0081c8255c5
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.204.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.reviewjournal.com/
X-LaunchDarkly-Event-Schema
3
X-LaunchDarkly-User-Agent
JSClient/2.13.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 09 Apr 2021 11:16:48 GMT
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
300
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length
0
Access-Control-Expose-Headers
Date
5c9a8e78761af0081c8255c5
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/5c9a8e78761af0081c8255c5
Protocol
HTTP/1.1
Server
54.209.204.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Origin
https://www.reviewjournal.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Fri, 09 Apr 2021 11:16:48 GMT
Content-Type
application/json
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Date
Access-Control-Max-Age
300
Strict-Transport-Security
max-age=31536000
content.m3u8
fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/3500K720AWS/SM/ 		13 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/sep/07bb8d39-8e4a-445c-812e-d4438f791e32/3500K720AWS/SM/content.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
4efef784b5559e2ecd3cb7a87942fe1468a4f2e38430b46ad57af73870c9b340

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:53 GMT
Via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Amz-Cf-Id
N23vMKM-k7esegBTjdbn4_fXs1LsOY5jcC19QTdOWuDWpWjk2r2NnQ==
X-Request-Id
f4d6a131-42da-42d4-a892-6a5dabfcc6e6
c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00006.ts
fuel-streaming-prod01.fuelmedia.io/sef/ 		6 MB
6 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/sef/c_9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727_v_3500K720AWS_s_00006.ts?s=07bb8d39-8e4a-445c-812e-d4438f791e32&c=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&i=5&v=3500K720AWS&u=https:%2F%2Ffuel-streaming-prod01.fuelmedia.io&m=5&ch=7395798e-4c30-417b-8b1a-b3d7bad8ff98&d=12.00
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33d176d887050444fe1fba9f63585ea909971b526ab51811b117849e272d9a18

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 02:01:44 GMT
Via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
33310
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
5857516
Last-Modified
Fri, 09 Apr 2021 01:53:13 GMT
Server
AmazonS3
ETag
"1b8d70da9e6e115f595ea4c4ae89a092"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
video/MP2T
Access-Control-Allow-Origin
https://www.reviewjournal.com
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
J_HqtFIuZGJh7j4CqZ2xwX54voLt0fE-BjC8VqrrqJGXJwbx4xw9pg==
collect
www.google-analytics.com/j/ 		2 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=239974910&t=event&ni=True&_s=1&dl=https%3A%2F%2Fwww.reviewjournal.com%2Fnews%2Fpolitics-and-government%2Fnevada%2Fnevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A&ul=en-us&de=UTF-8&dt=Nevada%E2%80%99s%20COVID%20positivity%20rate%20rises%20for%204th%20straight%20day%20%7C%20Las%20Vegas%20Review-Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=duration&el=7%407PM%20for%20Thursday%2C%20April%208%2C%202021&_u=aGjAAEABAAAAAG~&jid=994180273&gjid=567337873&cid=1035772386.1617966993&tid=UA-77901017-1&_gid=1579129123.1617967017&_r=1&gtm=2wg3v0WJQX3C&cd12=0&cd14=1&cd15=content&cd16=9d0aa3bd-f38a-4c6c-9b38-3c286d2f1727&cd17=7395798e-4c30-417b-8b1a-b3d7bad8ff98&cd18=7%407PM%20for%20Thursday%2C%20April%208%2C%202021&cd19=7%20at%207%20-%20Articles&cm1=9.979985&z=1939205919
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pos
fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/ 		2 B
463 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fuel-streaming-prod01.fuelmedia.io/v1/session/07bb8d39-8e4a-445c-812e-d4438f791e32/pos?f=8.730887&t=18.710872
Requested by
Host: fuel-streaming-prod01.fuelmedia.io
URL: https://fuel-streaming-prod01.fuelmedia.io/player/1.0/player.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 11:16:57 GMT
Via
1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-C3
X-Cache
Miss from cloudfront
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
X-Amz-Cf-Id
VjqOL8EzBl1QTG-kr-NbwEhDuHtyHuh35enzjAWX8EFMLIUdNCKjKQ==
X-Request-Id
4625b286-5149-4f9e-aefa-ca01fec93c2a
collect
stats.g.doubleclick.net/j/ 		4 B
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=994180273&gjid=567337873&_gid=1579129123.1617967017&_u=aGjAAEABAAAAAG~&z=1873586154
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 11:16:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.reviewjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=994180273&_u=aGjAAEABAAAAAG~&z=92511128
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-77901017-1&cid=1035772386.1617966993&jid=994180273&_u=aGjAAEABAAAAAG~&z=92511128
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.reviewjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 11:16:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

230 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| js_data object| googletag object| rj_ads_info object| pbjs object| rj_ads_info_def object| js_data_def function| rjLazyLoad object| rjAdsData function| rjRefreshAdsGallery object| MG2 object| MG2Loader function| documentInitOneSignal object| OneSignal function| gtag object| dataLayer object| RJAdTargetingManager function| is_valid_starbucks function| PluginInitOverride string| loaderVersion string| loaderBuild object| ggeac object| google_js_reporting_queue object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| _qevents function| twq function| fbq function| _fbq object| resonateAnalytics object| GlobalAamNamespace function| aamsitecertifier function| pbjsChunk object| _pbjsGlobals object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| Snowplow object| twttr object| appInsights object| deferredResources function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| startBESDK object| _matherq object| rj_fbq object| wp object| _stq object| parselyPreload function| fireParselyEvent function| getSubscriberInfo function| parselyTrackAudienceSegments object| PARSELY object| rjConnext object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id function| st_go function| linktracker_init object| wpcom object| headertag object| AI object| Microsoft function| __extends function| _endsWith object| _oneSignalInitOptions object| sifi_att_42656 function| rj_slider_slide_to function| rj_drag_slider function| rj_slider_init object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| ua_result object| revcontent function| revCriteoRTUSCallback function| renderRCWidget function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| LoaderConfig string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt object| g2i_dl object| MG2DL object| vttjs function| WebVTT number| google_srt object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| ima object| google object| gPartners boolean| __xshjryhdhjkuehd object| _3b1c0b02-a34a-4a2e-9feb-655ccef0fe86 object| _mather object| _mg2q object| tid number| hr_limit undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent boolean| msgData number| x function| _typeof object| BEJSSDKObserver function| jsElementReady object| BEJSSDK object| BEIXF function| positionLinkBlock function| initializeFPJSLibrary function| detectIE object| _bright3 function| beLinkBlockCallback boolean| ie_version undefined| style undefined| select object| scriptTag string| org_id object| betrack object| showLogs string| domain object| domainPath object| timeout string| sessionTmeout boolean| bf_e_org object| bf_e_org_list number| bf_i object| bf object| goal object| goalvalue number| maximum_custom_variables number| maximum_custom_metrics object| customdimension_value object| custommetric_value number| maximum_conversions object| conversion_count_value object| conversion_value_value boolean| disableTrack object| deferCallback object| useCustomLinkBlockStyles object| showLinkBlock object| JSON3 function| isSameSiteNoneCompatible function| shouldSendSameSiteNone function| Fingerprint2 string| cookie_str number| s_expire string| cookie_set_string number| c_begin number| c_end object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.reviewjournal.com/ Name: _ml_id
Value: e5a5b554d7251a0c.1617967005.1.1617967005.1617967005
.reviewjournal.com/ Name: _ml_ses
Value: *
www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885 Name: pa
Value: pa=sid%3D4zsw88fp%26sst%3D1617967005%26sis%3D1%26rv%3D0

27 Console Messages

Source Level URL
Text
console-api debug URL: https://info.silobreaker.com/e2t/tc/VVGpQb1FcnfXVjSg951_3dy1W8XrjSc4q9szqN5bb0jS2-Hx1V1-WJV7CgNTlW61rhJn9bP6-6W6SRwN77vnpbzW2Bv9hn2rGsRhW7YWSpT3wWGrcW2_lfSm9fjSqVW3y15X08zGTrqW20FNND2szd9bW9fqBGL1gVzLpW2n3TLZ1Pxhw6VWytr37HNMh9W4lpbFn4FqqFHN97kyMM5GHPLW2RqwmL6XSXjTW7nPf2S6NRCfHW1z7RJS4tX7dDW7kNdtS1fxnnNW4cpsFW6YQX6NW1Kgbmn3KPjDRN2Vk1f94LW6rW7Q77lV6yDqVQW6NHlRf2gYGkpN3G2gV-wP_5DW7cfbR495_D3xW3_vM2-3xSxjWW1rK-gR7QYhtTW4r4qyG6WPMcTW2qvtg62t9WTcVkhQd57G-tjyW6p5jM496KLqtVQ8n-K2r5V7P3nY71(Line 13)
Message:
toS
console-api log URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=(Line 21)
Message:
JQMIGRATE: Migrate is installed, version 3.1.0
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api warning URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=(Line 18)
Message:
jQuery.Deferred exception: Cannot read property 'rj_font_size' of null TypeError: Cannot read property 'rj_font_size' of null at HTMLDocument.<anonymous> (https://www.reviewjournal.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1i/K0i8oTcrJTNbPAnF0IRy93Mw8vaxiHX3sOnIyk4oSiyr1K1KKEtOJVFuUWlwAkibW6OKczJRU/XigqyBMAvoQnijIL4ZZYp9ra2hmaGxpYGZoapQFAPFOXiI=:11:8419) at e (https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=:18:29453) at t (https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=:18:29755) undefined
console-api warning URL: https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=(Line 18)
Message:
jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at window.is_valid_starbucks (https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A:450:50) at HTMLDocument.<anonymous> (https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A:466:63) at e (https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=:18:29453) at t (https://www.reviewjournal.com/_static/??-eJydjDEOwjAMAD9E7LiFSh0Qb2kri9oiCdgGxO/pgBgZmG443eHzmpZWg2tgrFzY0TTWLtOI6iibMeclpNXUZmd7sEGRCuo7/NFeZLbJXqi3O3+RetgD/Z8XOdsUvG0I8mdzKkcaqB/zQIdO35SXSNY=:18:29755) undefined
console-api log URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A(Line 1055)
Message:
rj_hx:47
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/Review-Journal/t8y9347t.min.js?v=2.5.3.4_2(Line 1)
Message:
[object Object] Utf8
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.reviewjournal.com/wp-content/plugins/mg2-loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A(Line 3203)
Message:
Parse.ly code is ready!
console-api log URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A(Line 3192)
Message:
Parse.ly code has loaded!
console-api log URL: https://www.reviewjournal.com/news/politics-and-government/nevada/nevadas-coronavirus-positivity-rate-continues-to-creep-higher-2324885/?_hsmi=88974744&_hsenc=p2ANqtz-_7pT5lVKl5tcRm2D9-aU30mYe0AEiAeiiBqV2anj0IGUF_iLtYkCABcVbaOkclqV1sIhRqIhDmqd3J_dJT72w91FefOxyvHZsJ85HWAD2QwYDUA9A(Line 3262)
Message:
Parse.ly Track Audience null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

211d5a4f3649327c05f2ad0898cb39d7.safeframe.googlesyndication.com
a.b0e8.com
aa.agkn.com
aamcf.aamsitecertifier.com
ad.360yield.com
ads.pubmatic.com
ads.yieldmo.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.se
analytics.twitter.com
api-mg2.db-ip.com
api.mg2insights.com
api.rlcdn.com
app.launchdarkly.com
as-sec.casalemedia.com
assets.revcontent.com
az416426.vo.msecnd.net
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
cdn.ayc0zsm69431gfebd.xyz
cdn.b0e8.com
cdn.bc0a.com
cdn.includemodal.com
cdn.mg2connext.com
cdn.onesignal.com
cdn.parsely.com
cdn.rawgit.com
cdn.resonate.com
cdn.revcontent.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
creativecdn.com
cs.emxdgt.com
d.agkn.com
d1wa9546y9kg0n.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
dc.services.visualstudio.com
didna-d.openx.net
dmx.districtm.io
eb2.3lift.com
eu-u.openx.net
events.launchdarkly.com
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
fuel-streaming-prod01.fuelmedia.io
g2insights-cdn.azureedge.net
gadasource.storage.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
img.revcontent.com
includemodal.com
includemodal.global.ssl.fastly.net
info.silobreaker.com
insight.adsrvr.org
ixf2-api.bc0a.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
loader-cdn.azureedge.net
loadm.exelator.com
match.adsrvr.org
match.deepintent.com
media.reviewjournal.com
mug.criteo.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pbs.publishers.tremorhub.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.wp.com
polyfill.io
pr-bh.ybp.yahoo.com
prod-review-journal-proxy-connext.azurewebsites.net
res.cloudinary.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s-jsonp.moatads.com
s.ntv.io
s0.2mdn.net
secure-gl.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
spreadsheets.google.com
ssc.33across.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
stats.wp.com
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.co
tag.simpli.fi
tg.socdm.com
tpc.googlesyndication.com
trends.revcontent.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vid.springserve.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.reviewjournal.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
104.18.12.242
104.244.42.131
104.244.42.133
104.26.4.15
107.178.250.234
124.146.215.45
13.224.194.178
13.225.74.65
13.85.16.224
142.250.185.66
142.250.186.66
151.101.1.194
151.101.114.49
151.101.14.217
151.101.194.133
151.139.128.11
169.197.150.7
169.50.137.179
169.50.137.190
172.217.23.98
178.162.133.149
178.250.0.157
18.157.239.120
18.184.153.186
18.185.208.29
18.195.155.181
184.31.84.150
185.184.8.30
185.29.132.68
185.33.221.88
185.64.189.112
185.64.189.216
185.64.190.78
185.64.190.80
185.94.180.125
192.0.66.2
192.0.76.3
193.0.160.128
193.122.130.38
198.148.27.139
199.232.136.157
199.60.103.254
2.18.233.180
2.18.234.163
2.18.234.21
2.18.235.40
213.19.147.151
213.19.162.61
23.79.152.128
2600:1901:0:8eee::
2600:1f18:612b:4264:9a95:fbee:2d35:58d
2600:9000:2093:2e00:6:44e3:f8c0:93a1
2600:9000:21f3:5e00:d:77c3:2dc0:21
2600:9000:21f3:ba00:1e:a43d:b640:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:10::6814:15ef
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2010
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82b::2010
2a00:1450:400c:c1b::9c
2a02:2638::1c
2a03:2880:f03f:1c:face:b00c:0:3
2a03:2880:f13f:83:face:b00c:0:25de
2a04:4e42:1b::393
2a04:4e42:400::621
3.125.244.14
3.126.56.137
3.141.126.26
34.120.133.55
34.192.117.147
34.192.170.233
34.194.161.83
34.241.178.179
34.252.219.109
34.253.179.128
34.255.212.202
34.95.105.148
35.190.5.192
35.201.125.192
35.227.248.159
35.227.252.103
35.244.153.179
35.244.159.8
35.244.174.68
35.244.221.19
51.107.59.180
52.17.165.163
52.17.69.36
52.217.37.228
52.222.179.75
52.28.42.15
52.45.248.59
52.48.248.240
52.51.3.86
52.52.67.9
52.58.45.227
54.166.210.103
54.195.68.175
54.205.191.176
54.209.204.79
54.230.180.67
54.230.182.154
54.230.183.21
54.245.234.104
54.78.254.47
69.173.144.165
70.42.32.95
72.251.249.14
89.187.169.26
003fd10ced20a31ddee2cb8cd496fbd9c21efc94a2c35bfd61b6e02a004be62e
0105e535b6c134afd59a7ea134cf3a358919dc1a2827559225a26dd6a60d0e86
02dd78b4fd5768fead37e5b3218b23af85a7a7749074661ec31b34d2941fc530
06ce43b69ee4cb8c7068fd541d67ea625271422a9b9a0111a1a321b874a8c43a
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
089c8e49e12597850d1690fdfda1bc8c11dc33ada7b22b127afb010c61979f37
09d3737fb32e9f49c26c5c64c5fedd24c40c873b67ecb30760e5771b2edc18b6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f60aa356984ddc3cc966757fb72ec82d1df100badb4b3b8f11a1d27a6641617
0ffb629c0f843dee0a01d32d8bbb56cf0ede97415e14b5a758070874e435f513
102a08dc123aa03c5845a63ff8d5d596cde82b4e12c6729d4d0c37a1c41f432c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e8a505f91e7a4a676109b1e124e75f76771665705dfd149da89eafcdf1c5a4
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
17c6ccd7963ddeaa6711cd64291bb960450429c600493d05226f861b1f95f4f3
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
18ba8e49bcf43ffde2e8a68db14a7fdd051529a9828e99e5cda6fcf47f032881
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
20503a2cc01738b0b9c6e282bba8ed43ba905c969b07cada01efbafecdfe9a19
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2564b0d2b3ff1778dc204d05cf1bc772da6b3432915c8da1302373f0e5db3238
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2df0cfe55a9f53711fe562cf7176b9230a549409ad108a675d2e998b01d39606
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30a1dc536745ed7df8e60c04b0489378be61ba62d0f04cd58c0e9c872eedb2ed
31823883def496c4972a1df9904feb98eb066befc93cf2ed25f2688cdd762432
328259d3a69bd234aeb53f5f5353eba32a1afadff3e12e7b3cfe5b5fb6ad908d
33bfbd764871f5015fba3f330b7983aff5d042b5f5b22a94e872821411193e5b
33d176d887050444fe1fba9f63585ea909971b526ab51811b117849e272d9a18
34975ac7bbc037a7e40ed7ed11732d049d094415c579d6713dc878f8ada14f9f
37b98902d4f75dc1f85b3038ea524400c1824eb8d51264783bebb58b67b2b5e1
38491d42381d5a2c42cbe71192a179ecac0fe35f6683a1a3b5251ffefd0ef181
38dc1dda6a2a2f9c6312641c98a0febe92c8bfe3d49048d99415c92c5e05e05b
3b9482a6fb42e8f955d3fafa29cbe2f5558dd2140cba9bc46e931e4f497b8c60
3dfc3ca54ac3a388b540714acce0b9482151ff374c3fb0ac66024c73b2c9aae5
3e6f5bac4b7440b325a1343537482aa673a01bfe50059325778f907eb357da07
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edf07aaa046b7734fee00720300c088de35e8cb32bfc8c9232cf9b8584f7da1
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
463d80f4ed88bbaba816e662ac0e36d8c2c517dd06d1eb5eced7941d6cb837b2
48bf27f30b27a2bbc0eeb40ca0440cc7432787f001d1c5aec231dd80ad64ad58
48f20e70b233fbc589ba9f2480a319a6fad6ce0dc63c95927bddced4e97f2fd7
48fa93d49b072e7b67884b6510f39915eb6af3c199ee93129879474aae1f199d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0accfaacc9962787426d8d052ff27e65fa6b7271f2f7a132b8cc2b9756c2ab
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d1f4870ab0e61db555bd08861af4e6c3c9096de109c9ab62424ddd22d249bac
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efef784b5559e2ecd3cb7a87942fe1468a4f2e38430b46ad57af73870c9b340
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5084ce11acf5eb0851aedce2fb1860ce0670ddb803b29c3f0750e4fda0edbb58
51a234187a980defe1e157f7c2e1d48276e5c42d8f4fe34cb34b48fcb62f76cc
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
543b6aa07ec2a979f3fe2cfaf367be8685e00d838444d7266a251630313ae3df
54bcd2321013c9f2ccbeef3881c41d044322b829fc6acb70bdfcb513311222a3
54eb39437f57c07adaaaad11ed103447446d3cdb39651f52f5525ff854833db9
550bccc6fcbe41527998fe7207ef6e5f984d4bb13f4ebafb40220fe74ad8f92c
559b31d3bc0185120c58737f353802e44bcf75835a53fca492f6a801e65baa40
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf691e806a61ac2706350a98c7f0829f74a28f7eb0e45143c75c692d77324a5
5c5c3a00bbb46fd0ebd56886f2a5fb77bb38ec8ea8a0470fe01b180142c7b07d
5cdb424fda83855abfdfe087e9a57202da475399ff53e5129f44c96a1faabebd
5dd6bab436e0335bc425861c3c70e9e44668190ddb5845f2c64567cba59ab2f4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6300286007861bbccdd557fcf95ed6153a4f0354e9a415f576ee3d48bf85c370
63492cae368ea0530a2e9de0c30f1da6c3dcf4a0a24751f1ca2072ef42762bf7
636db9eabb4c312e5fdbf709257aaf59366cef035d4a03dfb326a0a339567c15
65975545f0ef2110c688da2fbc74c6a593060438ca53f7844dff4a8f2715c77e
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
683d80eb1c8b1e4f7f711d405f7f021fff5cb96104a3078b1b81f900b80eb2da
694fd0e3ae930abffb9c48b884af84c7c3e5d37e587be0018bffe4a73bcaf009
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d353ae9262026d7db4ba404cd1661d7f68a9d69f6141789789ad4a538795e6f
6d7c47b2b470c5f48f9a92e4aa1925ea9597a9e8c7b568cdced15995615a28d6
6dab50ecb070cc4606ac03ad7496da959872a609012ac908be878226353c24ee
6ef98da2c7bd2c043c2445d75315901e93133b3791a4ba4b0ba748d63e21917f
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
74b7a58c68d889c77d25a08547f24c90db48f839af891b68043b0d4e806b1460
7539d974cd2e042fff00badae1ec29ff3b63638427ab002e06460c3eee33baee
75415de477057d29dc8ce932edb80f70daf44f0796a28dd76ff310bc148178e5
7567de6febdd2a6dcaf3bd32f277c6415a6f6d1c3c6b0a4da3f15f10a84a6fc7
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78190b4fd2293885052093ed4c303021b101e70978a189ea5f04b6f47058a565
7c18a28941b1dc220aba8bd15c60e1ee76ad90cf81e7a66acd784d3e4c801bdd
7d2fff0ab245ffd8586516e14ec0b42eaa76ce30a8bdc74744071a9c58338084
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
7d934ccc2c6a7ecb64131179a7c0eb439f40d438d5f35247b2e11d2c0d998626
7f2fd9e4e075f4f9f9a26477932a7ec0922601978f7bdf194d19d01f4bcd0357
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851bbed869c3284ed59ee585f67acac0dbd9b105b2570a6d786f4ca103ef5a18
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
89a3bf4960fffd8168de5b195e15f152beb0f37dfec2b20c1a0e7669429741dd
8af99045a48c81f45970f62c5aeb5e15e94c85f9fbd14bd8e0a830d7ff9789b9
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
903528dd4ce871e9569e497d52a9f94098fcfc5712a251e72a4b959db5a69e96
90a685b764319b1affe9d8bbba58a677879df5005479c12ffb078c4b4028d699
90da5a59ad8b76003a1440e5d18da2e7825c21d86a8f55fcbdf86642badaa25f
91959e148b3919b8479f75d2c26dc7bd15ac304c9602aa4a23f56a3288bfe51e
942f08bb05c33bb74a2130a97e9fbcc39cdacdd2135b32908ee3242b47a26307
9538d8bd7dcab3de7ddd6723a667aad290af9d1c6e4b29769b4edddf2939da46
97bca0cfa74fdf9e933e103f53565dbacf9f4c6c58c16017ca1321a62f24a3a1
9a051a7557f5a89e5a8e27337a91f594f336996a53ca429e81479eb96f6f830d
9a6e0179411261e2ff56ff5a212668c664a32b8a09839343b57694d939705618
9b10b81a71765e74dd98b8552a5a02daf889d38637a65108fb42c512e5879737
9b43f2a0a627d9a2c83c6df9484f8240510165f6e4afa069771ce36493a96fc3
9c767a8ddf6f5ffc31f821264cd88b3b7606032a281a1ac21ea5a7cd3e6af0d8
9cb36e3be47c35941f14b75bd46b4b4f12908d0c989d66d6e4173e9fb58497ab
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9d91adb1d1ad950b7050265b6036a4566a7d4c5abbeb6c159e20f101a3d70645
9e59e71a7e63cdf0e3f138a4a80eb36cc568bb0034b2521da181ef94ab6e38e8
9f17f977ee8c6d7874b9ed91c2bc311e63fc720752dae31358ebb7fe202dce65
a026e6589bd493bcfb20885f4bf5c853dbd9985ef1849b7422bb1c69e49bc9ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d93254e392f7361b334641f8781721fd31c7b18283c88fe67df7d3123e1c24
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afda1dcdc734ede8bedac395d9c15d95fea1ac45067d863c60cbd1a03716f38b
afdd29778a35ecf1638fc1c8bee1d4f7843d437d01b5db08cdf364da6b0edeaf
aff84e8abf6fb249fed68366a7225441ab121ce300a2f35fa898a4cef9a32a31
b103806c4097038ff0178ee308be051f00c5aaebf96e25b7a76f96ac58525a93
b15276647ccf87092eb1914b4a13af4f29333871919c2674ea249dd16ef8a916
b18ea99233fd28b8814cf858d8da55e8f166546581a9449503397235ddab3168
b45162adf2166c9009600c9606247135ac41553844c6cfc585b7ca2a8c8bbe3e
b499837f58b341a88f721e6aa4820373da35f89ace1ac0b287f4b98a4c140379
b71b0d27540370e17a756c5933fa69530c00eca08f45ee357431c4ced9b7a07b
b72fa13b7e20af8f5f57361ec73deac3aedff55dcfe2dbd3f44ffecdf433d51a
b963e6e8d3da30ab23f9ee92a5527a3f78a5db5f0758edfe81457f5a4701cd74
ba45337e83533a4b394ca5b432689dc0405d6bcda26fd27549cc6363f040a7ff
badce69a12d2ec64ac92f14e5f9af0b172952b18c5bc0e31a3585cc1382b3e9f
bd37b323f243da9dbda110388b0d80cb4cffce2e1aaf5fe01871f96a5ebd25c4
bf8df44fd8958183b0f6406640a1938b049fe02073e12a677a2b4ea93465cb80
bfe7a9764568b4ae1ef7344357abd9a96a425e321518d7604952dc6953186307
c05b52c075ba9a577bcd921f7b0f1d8a41123be01be2e268cc75e169f99238e8
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067
c1f9c561ab2137104a3b6f2976e6b94b87c356732fd7272b16a88cabf44d895a
c3dc7ce33f483db3bcdc7dd0e97e41a397fcc454c7595892c8dd9415e53b297e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c79a0c5f74d483551e2288694c5cd45d0770ab13d799ee39c79e2fd3bbc91abf
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a
ca58ba4e9188bc46a7352844f3358eb5fd55174033a8eb8042d408ae4aac6501
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb4fbcfb49280979ebc30f0deb04974948c453ebc06076484da74c1651ab3c27
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce9039702aecad4537fcd24409559d2f44e63577d1003737b0d350a2569e8f44
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d5120440917d3c35e8579b9a64f9b66fc8e40b7ded1813bdb03ccb50979512
d16ba9fa3fd29705bfb24e0361f59fe3515d6a4c2f07e8a8992db9f52d50542a
d20c5b0fb7547e3a9d66511f2cdca9eae94f508c525e7eacc02532959e39cbbf
d271010ec832b13a7252ea92bd07c7a129f5617945db4c3072146fc3d41c42dc
d37087f40012ad2c9dd5c5f9dbe18f07f025515768ad0de674bddc1267f0de76
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
da4c2c90367ae15a66b1c9d31206e9d865390bc2dde6606ea533711eda60ed75
dc16471802c2317dcd7589d116dd7654d486d43d1cf2d1db7ac24ced7212da2b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de2247b4480c3721e985c3772c708e607b15e6c3813abb272eddc7cbe073dd46
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e19e5fec549d0d871301c8196f4a954abe8d6913464a1ac511f81ef71529f89b
e1e0b7d512eac885e932bf5b1e6d0dda4ebbfc991e13b9dab097f582406dd1a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a48bbf1ed8d5b1b54fa130451dd8aa78499947cfe0b24ab467a0e7c3c77dfa
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069
e93a35c2d8fcd8c3fa0e1e9f51d5056369680613b0132fd16ccb45da50dbbe2f
eb6cc776124a0e4a99c2d91c88a082bbbb3fbfd9748d77416eb9c3f1612bc7a9
ec5d29c779f529cb290ab519874c1cca180b3e7bddec2f40f22cd4d503bda722
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ed941b0c87c7f1472a4b37ad701e4d9b0b76e378ba63e2ee417a060496872e2a
ee846502da590dfe518f5ea912fa41fed06e8a85240f592c95b42b5078997974
eec1a75117a5916fbbea67f5b1982792fa6284ff571e98f43660469753910472
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef640a042805051c478e09f6412fc8f7074b87e6c6c4c5773e4c56e9dc227d2a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f55f90380dcf06705f00f8b4f8c984fc095a893ecd5f14c829b1d5906441685e
f5e0aa8c73e533f59325fdd72cce907af50cf416043c4d812a0c7ee212366200
f78335168b725da10741e64a58f54d05a13fb6cbe574a253062eb76dafcc69d8
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7bba0cc484923e9dc8eb46a451efbd2ebe40980e07195777adaa39956bc5cd5
f7dac64634b7e6ee44cdf906aefd5cbe19ff4ee009235d614e061dd5d0c809f3
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
fc030d8918c5968049401e0523c0dda5027745bc526b090e0b08a30451dc019f
fd08b5dab2c1906d6f415c59f23721471dfec1ba7a23b622b2b4daff76d774ff
fdc4d0f009cb06307dc53a26ae5d77967107e906d1d159d635547df7f419bd1b
ffee5c9782e70ed6a4c23ed49fd70dfbbce1ddb73d1f04dd51bcb1242e2115ce