urlscan.io logo urlscan.io
SecurityTrails logo

nsjonline.com Open in urlscan Pro
2606:4700:3033::ac43:9548  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch//
Effective URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Submission: On October 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 12 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3033::ac43:9548, located in United States and belongs to CLOUDFLARENET, US. The main domain is nsjonline.com. The Cisco Umbrella rank of the primary domain is 916943.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time nsjonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.nsjonline.com
21    2606:4700:3033::ac43:9548 (United States)

ASN13335 (CLOUDFLARENET, US)
nsjonline.com
5    2400:52e0:1e00::1082:1 (Germany)

ASN60068 (CDN77 _, GB)
hb.wpmucdn.com
2    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    99.86.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-45.fra6.r.cloudfront.net
assets.revcontent.com
3    2606:4700::6812:196f (United States)

ASN13335 (CLOUDFLARENET, US)
drainpaste.com
3    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.212.206.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-206-110.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:223f:a800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    54.194.215.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
trends.revcontent.com
yeet.revcontent.com
1    18.66.102.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-94.fra56.r.cloudfront.net
img.revcontent.com
2    18.66.102.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-77.fra56.r.cloudfront.net
images.revcontent.com
1    13.32.121.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-9.fra60.r.cloudfront.net
media.revcontent.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
22 nsjonline.com
www.nsjonline.com
nsjonline.com — Cisco Umbrella Rank: 916943
454 KB
14 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 8939
trends.revcontent.com — Cisco Umbrella Rank: 2636
img.revcontent.com — Cisco Umbrella Rank: 10892
images.revcontent.com — Cisco Umbrella Rank: 10172
media.revcontent.com — Cisco Umbrella Rank: 23414
yeet.revcontent.com — Cisco Umbrella Rank: 9897
762 KB
5 wpmucdn.com
hb.wpmucdn.com — Cisco Umbrella Rank: 30519
121 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
148 KB
3 drainpaste.com
drainpaste.com — Cisco Umbrella Rank: 162090
25 KB
2 gstatic.com
fonts.gstatic.com
47 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
83 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
4 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 684
481 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 557
67 KB
58 12
Domain Requested by
21 nsjonline.com nsjonline.com
hb.wpmucdn.com
5 hb.wpmucdn.com nsjonline.com
4 yeet.revcontent.com assets.revcontent.com
3 trends.revcontent.com assets.revcontent.com
3 www.googletagmanager.com nsjonline.com
www.google-analytics.com
3 drainpaste.com nsjonline.com
drainpaste.com
3 assets.revcontent.com nsjonline.com
assets.revcontent.com
2 images.revcontent.com assets.revcontent.com
nsjonline.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net nsjonline.com
connect.facebook.net
2 www.google-analytics.com nsjonline.com
www.google-analytics.com
2 fonts.googleapis.com nsjonline.com
client
1 www.facebook.com connect.facebook.net
1 media.revcontent.com nsjonline.com
1 img.revcontent.com nsjonline.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.adsafeprotected.com nsjonline.com
1 ads.pubmatic.com assets.revcontent.com
1 www.nsjonline.com 1 redirects
58 19
Subject Issuer Validity Valid
nsjonline.com
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh
*.wpmucdn.com
RapidSSL TLS RSA CA G1		 2024-03-13 -
2025-03-12		 a year crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
revcontent.com
Amazon RSA 2048 M03		 2024-04-18 -
2025-05-17		 a year crt.sh
drainpaste.com
WE1		 2024-09-06 -
2024-12-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-07-20 -
2024-10-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh

This page contains 3 frames:

Primary Page: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Frame ID: 1ADF5C46684B956CAE33E5FF13559E0E
Requests: 56 HTTP requests in this frame

Frame: data://truncated
Frame ID: E884E4104C90E21ED58CA0CE12D997D5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.9/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7deb8f0934f3a82%26domain%3Dnsjonline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnsjonline.com%252Ff263c115ea831abd5%26relation%3Dparent.parent&container_width=298&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fnorthstatejournal&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&width=300
Frame ID: 7D8CF456CF8623A6E4D2D4E15D58DBC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found – The North State Journal

Page URL History Show full URLs

  1. http://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/... HTTP 307
    https://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/... HTTP 301
    https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Page Statistics

58
Requests

100 %
HTTPS

61 %
IPv6

12
Domains

19
Subdomains

19
IPs

3
Countries

1732 kB
Transfer

3055 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch// HTTP 307
    https://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch// HTTP 301
    https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Redirect Chain
  • http://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch//
  • https://www.nsjonline.com//article//2021//06//south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch//
  • https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
95 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
f277fb4f8066338908221878a05fb5ecca91e60c86c84fa621b8b53e26e93e1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cache-tag
northstatejour6333054098fc6
cf-cache-status
DYNAMIC
cf-ray
8d0b5dc0cdd25c02-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 11 Oct 2024 02:19:37 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://nsjonline.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcrBJShCiUbVJY1kSiP%2FnuSM18BwXMPcdcncfzgI3dSwi2f9yRq7Nw3aLZl5ET7U59iN2Vtx0Q0wpp%2Bi4ea9s0p6TphU%2Bgt1xC7Ve44yt97qAToz3YDFQ%2FHSDSGC3RK9m5sccsRBRdeaoNio"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d0b5dbd9e62d37e-FRA
content-type
text/html; charset=UTF-8
date
Fri, 11 Oct 2024 02:19:36 GMT
expires
Fri, 11 Oct 2024 03:19:36 GMT
location
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
server
cloudflare
x-cache
MISS
x-cache-group
normal
x-cacheable
non200
x-orig-cache-control
max-age=3600
x-powered-by
WP Engine
x-redirect-by
WordPress
speculation
nsjonline.com/cdn-cgi/ 		128 B
569 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nsjonline.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nsjonline.com
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m66%2BxzMG23r5j6T%2FkJe0eA11U0lqOV8ZNdUriMDlAONVIuFbrF9jyX7OuhJHHW0qKH4h6LCofAyduVuLvrZAaygDcMkIEMwfhPh9KJutt0P9MYZJFtf0%2FIFWoy7t%2FXm8FIEhuG%2FeIKB%2Fas0%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc66f7d5c02-FRA
access-control-allow-origin
https://nsjonline.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
91c28bc4-114f-4a32-add0-09f17ed6e7ea.css
hb.wpmucdn.com/nsjonline.com/ 		110 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/nsjonline.com/91c28bc4-114f-4a32-add0-09f17ed6e7ea.css
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
5048825e1412e43dd523f9ebfd913d4e0f5b8e8afda1693c6e82739c9221cb24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"7e19da7d38519be7034c6296cf41f221"
x-amz-meta-hb-minify
minify=0.0%, origSize=112419
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sat, 28 Sep 2024 05:34:18 GMT
cdn-cachedat
09/28/2024 05:36:57
vary
Accept-Encoding
content-type
text/css
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
ff3c5684dc58d3e9ccae4a7289b2f700
cdn-pullzone
1101156
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1081
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
f29353b2-ac94-4ef4-b375-3dd9406f455c.css
hb.wpmucdn.com/nsjonline.com/ 		104 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/nsjonline.com/f29353b2-ac94-4ef4-b375-3dd9406f455c.css
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
326b42472fd642b93e48b8537239f0c2a492273a869c02b3c40e91760b6ae80b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"39ce5c280dbafd5be1a6477f7aa418a3"
x-amz-meta-hb-minify
minify=0.0%, origSize=31294
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sat, 28 Sep 2024 05:34:18 GMT
cdn-cachedat
10/09/2024 17:42:02
vary
Accept-Encoding
content-type
text/css
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cache
HIT
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
6d9abb8fc92ebc74709f122c63a03ac9
cdn-pullzone
1101156
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2e4537e92ee06780895bca5b7c31216e42b5bf36a2b79b67b63c129f2725c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 02:19:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 11 Oct 2024 02:12:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
c617cc4c-e5e4-456f-a8f1-c0cc6a2c5d41.js
hb.wpmucdn.com/nsjonline.com/ 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/nsjonline.com/c617cc4c-e5e4-456f-a8f1-c0cc6a2c5d41.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cdn-status
200
content-encoding
br
etag
"4f37101ff3ee8f069d1ca3852ffbbf18"
x-amz-meta-hb-minify
minify=0.0%, origSize=87553
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sat, 28 Sep 2024 05:34:19 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/05/2024 03:55:59
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
b8224b30bb4108ac9de8cc83ff40ea45
cdn-pullzone
1101156
cdn-proxyver
1.04
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
120dbc9f-a5c2-439e-b620-1046681f157e.js
hb.wpmucdn.com/nsjonline.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/nsjonline.com/120dbc9f-a5c2-439e-b620-1046681f157e.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2ccc090e261b2ef1ebaa61f5868caaeabae88333d8dd487951f4c64664b140fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"ec4e0a330bee0cadcee21467eadf9608"
x-amz-meta-hb-minify
minify=0.0%, origSize=7581
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sat, 28 Sep 2024 05:34:20 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
09/28/2024 05:36:57
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
617912f3eeee16556b6885778b653dde
cdn-pullzone
1101156
cdn-proxyver
1.04
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
ENTD.BIRTHDAYS.PAULSIMON-326x245.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/ENTD.BIRTHDAYS.PAULSIMON-326x245.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673d740932985e9673787bc46c89948d087ee45a5b69e2b424e2fceeed27f051

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67071301-3b8a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbhkYKSTHghJjcIWt34j1bE87mQf8AitEzWJc2OBy9phqUn7UdFQOWIPC9U30nThC%2FhTNrkQzwlTXVHe03rG9tiimuU3PT6RevoFFiEcNGddiFS7qiwpdhw5BsHO0AHIcTs0nwQ0HWtcEoMv"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc66f7e5c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
15242
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
image/jpeg
last-modified
Wed, 09 Oct 2024 23:34:25 GMT
vary
Accept-Encoding
server
cloudflare
NC-300x250-1.jpg
nsjonline.com/wp-content/uploads/2024/07/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/07/NC-300x250-1.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb926b2f4687f99ff61ad98199c78d436a0551c49bfd7259d50722c88c63c5eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668cbea3-10036"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIDKqX97yt6ebIRiomZVVZ9SimguE%2Fh9MP0%2BqJMF6jVQKEoNbKgw1ysvYjXcOvbg8j20unLCXPo%2F8QmX2K%2BF9qWLEpP6YZXMwzjTNAEZIQxNVt8o9WwXwZ9AciMl2EOk2eqcE8bJIeYMk4JE"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc66f7f5c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
65590
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Tue, 09 Jul 2024 04:37:55 GMT
vary
Accept-Encoding
server
cloudflare
NC-300-x-600.jpg
nsjonline.com/wp-content/uploads/2024/07/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/07/NC-300-x-600.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656d16664e954ad0dc6cebaf693932c63b583bb506e029d780d816d28b84ee51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"668cbea0-1cafc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLy7CZ8UQ44B%2FmVCqUePnWFjOrORz9RdL50GbNmX%2FoYpQ7q87LvqT7apQf%2BKEkBWKGpu0ukw0X6p4mLy7vMlk90nCc29NyKeaQhv2RB4kLEzY1dpMFz29MDtp3tlJA6mH1agDZ8GiAn9LgUU"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc66f805c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
117500
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Tue, 09 Jul 2024 04:37:52 GMT
vary
Accept-Encoding
server
cloudflare
delivery.js
assets.revcontent.com/master/ 		159 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-45.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
br
etag
W/"b00e2c9578a737dff7b6f33e21f10832"
age
53270
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
198hJXsmtJdq8hY1dm28DYSj1GkTAHC6QAwSxo5hothOHBgVtnC_4Q==
date
Thu, 10 Oct 2024 11:31:48 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
53289b20-083f-465a-89c8-263171013e63.js
hb.wpmucdn.com/nsjonline.com/ 		100 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.wpmucdn.com/nsjonline.com/53289b20-083f-465a-89c8-263171013e63.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1082:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
2d1443b4156a839c0742083a2345eac03e45ad8815a7508d207296361cf21375

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cdn-status
200
content-encoding
br
etag
"f3d09891318c3a629c810a7cd930a507"
x-amz-meta-hb-minify
minify=0.0%, origSize=7910
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sat, 28 Sep 2024 05:34:21 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
09/28/2024 05:36:57
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
778bbc1f-fc99-4e43-843d-a54ddaa69624
cdn-requestid
f7d4f6431c09db13dfde81a7b840c135
cdn-pullzone
1101156
cdn-proxyver
1.04
cdn-edgestorageid
1079
server
BunnyCDN-DE1-1082
cdn-requestcountrycode
DE
x-amz-server-side-encryption
AES256
2e794c1f4e6aee816078d28ac8.v2.js
drainpaste.com/scripts/e535961be7/ 		67 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drainpaste.com/scripts/e535961be7/2e794c1f4e6aee816078d28ac8.v2.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e93c2a2c718e7110a4806ea290975c3da592d1a8931fea07654486aa40c1ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-encoding
br
cf-cache-status
MISS
etag
W/"8ee0667912d30f2975689e7f281e6260018f91e34513df2e5493f20029c0a94f"
x-buildname
hoothoot
x-hostname
fen-hoothoot-europe-west1-test-wtl1
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Language
strict-transport-security
max-age=15724800; preload
cache-control
private, must-revalidate, max-age=21600
timing-allow-origin
*
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d0b5dc79fe15d8a-FRA
x-buildnumber
1467201897
server
cloudflare
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/gif
truncated
/ Frame E884 		37 B
37 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
js
www.googletagmanager.com/gtag/ 		135 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=admin
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17f13607632d930a8dc98386fb1d15efebe0f0a178897cd77ef26c23bfba8eaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 11 Oct 2024 02:19:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 11 Oct 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
52480
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-encoding
gzip
age
3202
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 03:26:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 01:26:15 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
413325b373f45de2f7bbc7f2daf1b085bbfc43e80200b9f6891d99ecdcbfdf80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-md5
praMiLHlypV1D76xXBfFLw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"1f04d744755e95b371736e8dc166e9f3"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 02:34:45 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
90962610f81d9dbc2da2359be84ff49d
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4460, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
B9asFtxL6jRZvVpH5OoHzNJEUCxhPGKXzjM80qcKnuAplltj+BaPa7aFjiTy4nJH6limAuDswRHIbCqWOK7gIA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nsjonline.com
Referer
https://fonts.googleapis.com/

Response headers

age
238822
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:59:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:59:15 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
fontawesome-webfont.woff2
nsjonline.com/wp-content/themes/mh-magazine/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nsjonline.com/wp-content/themes/mh-magazine/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/nsjonline.com/f29353b2-ac94-4ef4-b375-3dd9406f455c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nsjonline.com
Referer
https://hb.wpmucdn.com/

Response headers

cf-cache-status
HIT
etag
"633f00bf-12d68"
age
2844151
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ed7r7jP%2F4NS5seY7xSAh5%2Fx2llwJwq6gaMYOrEXNEPpt4rv9oc3mhjwyTbVQQOzI97WZvOMORCbuTZFfJANoUkcDIcbnM4xqyqKw8eRoNzipCGT0svgOeS%2BXW%2Bif7mmjYTYWaOIC8p1fHlns"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
font/woff2
last-modified
Thu, 06 Oct 2022 16:22:23 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d0b5dc75fc65c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
cropped-nsj-nameplate-rgb-wide.jpg
nsjonline.com/wp-content/uploads/2022/10/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2022/10/cropped-nsj-nameplate-rgb-wide.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519761d4ccdbeb1a7a953c27a1a6a10c3ed1535963631658a832df5b2a401109

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cf-cache-status
HIT
etag
"63c99f15-655e"
age
96424
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLP4RZwrn1p1GGDXHyZiUdT8fGsEwGaWv0aLN0iekxX24eRk8IQPPu1K1OFmn9lrONHJHoW1XLdJzZOUCDoeYlRhaH3VqToEUkeabKi3bHAGE8oXRJGpvndYs8WuqgKLX878FVt%2FmU8kLRyD"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 19:50:45 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d0b5dc77fce5c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
25950
server
cloudflare
ajax-handler.php
nsjonline.com/wp-content/ 		2 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nsjonline.com/wp-content/ajax-handler.php
Requested by
Host: hb.wpmucdn.com
URL: https://hb.wpmucdn.com/nsjonline.com/53289b20-083f-465a-89c8-263171013e63.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

x-robots-tag
noindex
content-encoding
zstd
cf-cache-status
DYNAMIC
cache-tag
northstatejour6333054098fc6
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCqKgioendT7wxqca8Wz%2BJukbypvpEzIJg0%2B08DmqixIAYxIMexdFE%2FioHSRmovdiYZshLm3AYn1ni%2FO0HJp0hm0%2Bkx%2BvLu%2B%2FwHeC89zpO8f5QWf0a7CXFdS99c%2BC7SVQK1H3BMJkiqtmtJm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, must-revalidate, max-age=0, smax-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d0b5dc77fcf5c02-FRA
x-powered-by
WP Engine
server
cloudflare
sdk.js
connect.facebook.net/en_US/ 		283 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=d09a49fb77220c2b03f20d160c29f8f1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
292d19d09c844a5aaa591391532ab6e735c0e55fb180ed4c9b34dda411ad569e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nsjonline.com
Referer
https://nsjonline.com/

Response headers

content-md5
/+qfOHmp0oKDVp1YJL0wQw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"ef13b663aca31b84084fb9add3906c63"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 11 Oct 2025 01:56:17 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
3a26aab75fb3770e2d839f83a1506586
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
KQOAIXeAJbLYkWGuT905C7lPu43paUbVk/6s3QxttHukyVLR4QoFJF8KyegxddIMXKpdZbp8AH3T1ZmSe+n9zQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
82584
origin-agent-cluster
?1
collect
www.google-analytics.com/j/ 		15 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1562340215&t=pageview&_s=1&dl=https%3A%2F%2Fnsjonline.com%2Farticle%2F2021%2F06%2Fsouth%2F-dakota%2F-gov%2F-noem%2F-rallies%2F-activists%2F-at%2F-ncgop%2F-lunch%2F&ul=de-de&de=UTF-8&dt=Page%20not%20found%20%E2%80%93%20The%20North%20State%20Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1855791406&gjid=292703814&cid=1213008556.1728613178&tid=UA-62164917-2&_gid=786684786.1728613178&_r=1&_slc=1&z=611532607
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b6d6d72ea37a63c0de2defa6de6fe8cbef64ae1f8e4780733c3059956a3d0aa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://nsjonline.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://nsjonline.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		272 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VS7ZFNTCNB&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af34de8c1c557576aabffb9b9ab777850208ad5dde3bc615e65cc8f613f6f3c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 11 Oct 2024 02:19:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97746
x-xss-protection
0
server
Google Tag Manager
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.206.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-206-110.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cache-control
max-age=105706
content-encoding
gzip
expires
Sat, 12 Oct 2024 07:41:23 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
68444
date
Fri, 11 Oct 2024 02:19:37 GMT
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
td
www.googletagmanager.com/ 		0
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=admin&v=3&t=t&pid=2140152848&dl=nsjonline.com%2Farticle%2F2021%2F06%2Fsouth%2F-dakota%2F-gov%2F-noem%2F-rallies%2F-activists%2F-at%2F-ncgop%2F-lunch%2F&tdp=admin;;0;0;0&frm=0&z=0
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
text/plain
server
Golfe2
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=hljkl_728x90_
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age
4581
x-cache
Hit from cloudfront
x-amz-cf-id
ZPtHRPZ_V8HuBuwP205v9iW5yUR8RXSkAjYRuh0lk7iI4xgogdS9Iw==
date
Fri, 11 Oct 2024 01:03:17 GMT
content-type
image/gif
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
43
x-amz-cf-pop
FRA56-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
NSJ_A1.Statewide-audit.AP1_-80x60.jpg
nsjonline.com/wp-content/uploads/2024/04/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/04/NSJ_A1.Statewide-audit.AP1_-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c1d00c7685f605003060aba0a1dec184d42a94bf74adfca005ba5550dc4076

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"66286d3e-377d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GVbxm%2B1q0MnHWdbdKsNs1rFsVeSlEHTm46xkMVp1m4O0WB%2FAggD9apcrKzWsgaf5z%2BEXtIj6BLujwkUt0UMR0g6zm4MSXoq%2B2al84ZSPnnEXCZygExd%2FdVk9xvMWJmlu%2BU9chmetZ3NGYcaF"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868015c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
14205
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Wed, 24 Apr 2024 02:23:58 GMT
vary
Accept-Encoding
server
cloudflare
AP24283701005351-80x60.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/AP24283701005351-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b6bd594936ac54ed1ac4bd8e091d19ec7b0374be8284bfc0ee06a0ac6c1b2c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6706e51b-4499"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1IHXwwT4h6CdUB9W4Wwv%2FBRsstEmA4Spt6jYACByQf2AlokR1PnanGS%2FNwKvnSFG1yu6toERkX31UGeUbUu%2Bi%2F8SPQ0w4JQpwpVANUn4ScH3NdLeWwaDDmFAIgCZIoeItjQtOzok1UZQwBo"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868025c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
17561
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Wed, 09 Oct 2024 20:18:35 GMT
vary
Accept-Encoding
server
cloudflare
NSJ_A1.HSA_-80x60.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/NSJ_A1.HSA_-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eacbf67662026debc60b70c2808b46fd4bdf4f86c86233855e7aed555e9af861

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6706e1d1-48ec"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nxj%2Bx44UOhWKoDV2yOlJEhpHw97zrVBAuqGSD%2BANqFAwKQBrx4PdlGur0AjJPS23OHzcglJeJdGTW1OYzF%2F5LMfprClTqpE48hTT1ik1LnHaQMHh%2B6uOpK16Q%2FqzzJZPvdna1K7i3dnZr8rp"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868035c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
18668
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Wed, 09 Oct 2024 20:04:33 GMT
vary
Accept-Encoding
server
cloudflare
B3.Bowl-Projections1-326x245.jpg
nsjonline.com/wp-content/uploads/2022/11/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2022/11/B3.Bowl-Projections1-326x245.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aacd798d91b564eeb9beaaaec825eb008aa6ec573b4a2e72867c49ac7db9e191

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"63c99efb-61fa"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kk7QhltBD3SWt1ZSUlDNUpqPoSDGFuLnv5S%2Bc321ChBC55UJP15XdZ1kA9Ree237XwHnnQ5fVMQFIzHg2%2BVxy37epUIgM1ZXAMKYnEz%2FT%2FQK0cKmFIjkFPSoxd6oR%2BuCzQLnjLgGvEAZ230i"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868045c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
25082
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 19:50:19 GMT
vary
Accept-Encoding
server
cloudflare
B1.World-Cup1-80x60.jpg
nsjonline.com/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2022/11/B1.World-Cup1-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fcf84307f4bdebeb5ad1c0de91d025ff377eb574da180361b98c3dbc73d7ee3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"63c99efb-646"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0ZlVe55abAjQlO%2F3UXPV1wN5skvfVzzN44YrOXxAF%2Bw%2FaCcT7O7dLy7wwAMVRNZE88vckdLPlWJ689RlCDf5dK5TFx%2FTd8mBZBGVCiJavBLnxOqsmJUD9csijfO0YlEELqvu3MDyQTfiTKR"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868055c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1606
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 19:50:19 GMT
vary
Accept-Encoding
server
cloudflare
B1.Drake-Maye1-80x60.jpg
nsjonline.com/wp-content/uploads/2022/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2022/11/B1.Drake-Maye1-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1d7c66f52204f2add5c999e3fe763678c97de3c867b74fa0ea84af41ba312d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"63c99efb-897"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mb95MhAD%2FKinsobBwO9hcCwYR3ilJVq7%2BM%2FmA6q8dr6pJZKnftnZWb9SkTwfV2kjd6VaDeJ8s2oSUP8CY%2B3Tx5Pouq2aNBtJkxwAPtWr%2FuTV4JzwnCNy8x%2B44ZP7%2FXNuIkwxipMWnZWGB7jM"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868065c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2199
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 19:50:19 GMT
vary
Accept-Encoding
server
cloudflare
AP22317050377192-80x60.jpg
nsjonline.com/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2022/11/AP22317050377192-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461b3d1bfd86840a1fb401ac880a1d110fc8c012467fdfda73115cd9edd432b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"63c99ef5-7a7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9DMRlABaL5g4auUgJDXUTdx0f58lZ1XAa7WCgAa8qGT%2B5ngE4G51CK7J0m0T8%2FtyfywlNcPnjZznwZoHn5plfabwrswIWXjwTSJ7x2q6wsW3JuhcY3NC8E4IfUtrl0I7lLtzgqYz3gW6gFA"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868075c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1959
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 19:50:13 GMT
vary
Accept-Encoding
server
cloudflare
AP22314781835257-80x60.jpg
nsjonline.com/wp-content/uploads/2022/11/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2022/11/AP22314781835257-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
482b97db7e50f701427afbc12a9ddb926778ed5d6d38a2fca8073db8d5a2e6fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"63c99ef5-9d9"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M85nwtvps9FKQwUiZdf2qw6lFt2qV8c%2B8n4PxPYdr1ZqH%2BTmnD6OZtXzTfL2sAdrJOvgJ13prE%2BhF7Bo%2BEIdttlMR45tSlQqbmGv1VMIRIeyMxViZfLY7ZpuH5oXeoYSOzC8xYMLpJysk7zc"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868085c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2521
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Thu, 19 Jan 2023 19:50:13 GMT
vary
Accept-Encoding
server
cloudflare
NSJ_A1.HSA_-326x245.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/NSJ_A1.HSA_-326x245.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89098d352a4b47acea4ee68686c9796262aabe7d4d799b2128162b087859089b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6706e1d2-4f43"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vg2y5pTAr4LanSnNm4lmdMSFhG7ieGz%2B319qKmgBzgKIho438kPBiQBDzX3gkiYcQ%2BptRS6pCo8R71BEBdeP76A3YXsGmefOKxFYH8d9zS5PoNf0R3mtMFcG0vQ9a0NLYlJ2uEwOCM%2Fwv7FF"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc868095c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
20291
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Wed, 09 Oct 2024 20:04:34 GMT
vary
Accept-Encoding
server
cloudflare
AP24279824526578-80x60.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/AP24279824526578-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143fa3870c1a39f9b59f0e49c88df3db37488bb6f2b5cffe9118ad4772376e0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6701dfb2-1fb2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tVMqwgl0iN3P720aCFjM7OC6lGKTWddfN0S4GRskw7x7%2Fprvgpcdx03ciENaFh9xQ4Ah%2FQ9Tr4HwNtX2aRwF3XzeK2jt5gN2wIf%2FroXNlZuEqca%2FSRG%2BHAYg8TfraiCZNkhEdwuTDDvP77ue"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dc8680a5c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
8114
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Sun, 06 Oct 2024 00:54:10 GMT
vary
Accept-Encoding
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VS7ZFNTCNB&gtm=45je4a90v9124082988za200&_p=1728613177466&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685&ul=de-de&sr=1600x1200&cid=1213008556.1728613178&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fnsjonline.com%2Farticle%2F2021%2F06%2Fsouth%2F-dakota%2F-gov%2F-noem%2F-rallies%2F-activists%2F-at%2F-ncgop%2F-lunch%2F&dt=Page%20not%20found%20%E2%80%93%20The%20North%20State%20Journal&sid=1728613177&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1857
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VS7ZFNTCNB&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://nsjonline.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
text/plain
server
Golfe2
/
trends.revcontent.com/api/demand/ 		54 B
313 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=270882
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

strict-transport-security
max-age=931536000; includeSubDomains
x-rc-region
eu-west-1c
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-origin
https://nsjonline.com
content-length
54
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
envoy
07cb1f3741282b62948bfc9d9d46575616dc6
drainpaste.com/0/c68d18bdd5248ae/ 		303 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://drainpaste.com/0/c68d18bdd5248ae/07cb1f3741282b62948bfc9d9d46575616dc6
Requested by
Host: drainpaste.com
URL: https://drainpaste.com/scripts/e535961be7/2e794c1f4e6aee816078d28ac8.v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d62ed3d138e5f82fbe639dfef2a8600b18d8cd4ae8b7b3bcd99195aba96fbbd5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nsjonline.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-test-wtl1
expires
Fri, 11 Oct 2024 02:19:36 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:37 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d0b5dc9fd469a05-FRA
access-control-allow-origin
https://nsjonline.com
x-buildnumber
1467201897
server
cloudflare
/
trends.revcontent.com/api/delivery/ 		8 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=270882&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fnsjonline.com%2Farticle%2F2021%2F06%2Fsouth%2F-dakota%2F-gov%2F-noem%2F-rallies%2F-activists%2F-at%2F-ncgop%2F-lunch%2F&icr_url=&va=0&user_uuid=undefined&time=1728613177922&up=pc&bn=chrome&bv=129&widget_width=326&style_id=0&an=false&mr=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
2c92b77fb691f3878caaba605715426e911eb96311edeb35618dcea5ac808fc1
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

strict-transport-security
max-age=931536000; includeSubDomains
x-rc-region
eu-west-1c
content-encoding
gzip
x-envoy-upstream-service-time
53
access-control-allow-credentials
true
access-control-allow-origin
https://nsjonline.com
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
application/json; charset=utf-8
vary
Origin
server
envoy
07cb1f3741282b62948bfc9d9d46575616dc6
drainpaste.com/c78d18bdd5248ae/ 		3 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://drainpaste.com/c78d18bdd5248ae/07cb1f3741282b62948bfc9d9d46575616dc6
Requested by
Host: drainpaste.com
URL: https://drainpaste.com/scripts/e535961be7/2e794c1f4e6aee816078d28ac8.v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:196f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://nsjonline.com/

Response headers

cf-cache-status
DYNAMIC
x-buildname
hoothoot
access-control-allow-methods
POST, OPTIONS
x-hostname
fen-hoothoot-europe-west1-test-wtl1
expires
Fri, 11 Oct 2024 02:19:36 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security
max-age=15724800; preload
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
access-control-allow-credentials
true
x-datacenter
gce-europe-west1
via
1.1 google
cf-ray
8d0b5dca6d6d9a05-FRA
access-control-allow-origin
https://nsjonline.com
content-length
3
x-buildnumber
1467201897
server
cloudflare
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Referer
https://nsjonline.com/

Response headers

strict-transport-security
max-age=931536000; includeSubDomains
x-rc-region
eu-west-1c
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-origin
https://nsjonline.com
date
Fri, 11 Oct 2024 02:19:38 GMT
vary
Origin
server
envoy
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5285515bf363153d3aa9ed5f966d48ef395bb1f5c853ad2704b79b29d2be692
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 02:19:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 11 Oct 2024 01:24:29 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
defaultWidget~feedWidget.fc0759b5.delivery.js
assets.revcontent.com/master/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.fc0759b5.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-45.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
gzip
etag
W/"fd80945f9733ec4f10d317a3124a1d4e"
age
61983
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
x1LrG5lGvcK2Iy3KTcHRiNJkE8GrU7LABKEIIYc9Gnphp8_i196HUA==
date
Thu, 10 Oct 2024 09:10:19 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
defaultWidget.fc0759b5.delivery.js
assets.revcontent.com/master/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.fc0759b5.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-45.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

vary
Accept-Encoding
cache-control
public,max-age=60
content-encoding
gzip
etag
W/"73256e1256a6260b764c62fe4a204400"
age
62859
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
fTO1v3kE9U1M8BB_1G_kRRBE5UpLsboodP2HKolUF21V5jjXlTX_qQ==
date
Thu, 10 Oct 2024 08:52:00 GMT
content-type
text/javascript
last-modified
Fri, 13 Sep 2024 16:40:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
/
img.revcontent.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

x-rc-region
us-east-1a
x-envoy-upstream-service-time
60
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
age
2106621
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
1351
x-amz-cf-id
eU1S-kixPwypXD0I8Dyt-UvO4LYjBG-OGkIsw7jT1B6mlLUkevvLHA==
date
Thu, 03 Oct 2024 06:35:01 GMT
content-type
image/png
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
FRA56-P2
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://nsjonline.com
Referer
https://fonts.googleapis.com/

Response headers

age
238822
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 07:59:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 07:59:15 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
12680689.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/164851/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/164851/12680689.jpg
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-77.fra56.r.cloudfront.net
Software
Cloudinary /
Resource Hash
882123ace32fb7456b28d3f9beaf4456111a13a2e004c37ebbbfbf8fa005327e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

x-request-id
5310b9c8cce5b062f331b7875a2f9dcc
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
etag
"dae205c397ffed095d1067a11dfba3e1"
age
63602
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
GSNb2Pxz3PrEZkYJ07hMA4JrjBNPCtL8Ar5J-5cUa2rx4V3PKEEO0g==
date
Thu, 10 Oct 2024 08:39:36 GMT
content-type
image/jpeg
last-modified
Mon, 23 Sep 2024 20:16:36 GMT
strict-transport-security
max-age=604800
cache-control
public, no-transform, max-age=604800
timing-allow-origin
*
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11157
x-amz-cf-pop
FRA56-P2
server
Cloudinary
12680689.mp4
media.revcontent.com/cr_videos/164851/ 		462 KB
463 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://media.revcontent.com/cr_videos/164851/12680689.mp4
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-9.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e150b92ec569d23b920a985cced6b566d99cc3cf0b26e2ef79eb5ff72d221ae

Request headers

Referer
https://nsjonline.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
ABXft.At7z8CNcYGGG_h_Mg5lRAxBq2D
etag
"ba9d41ea781f9f19bfa03c16c4de1ea4"
age
1491560
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
pH4VvxKyZC4drI8VelrEmmYcvhkNSQ9PfSzquKTLnEo7g88cWH-zNA==
date
Mon, 23 Sep 2024 20:00:19 GMT
content-type
video/mp4
last-modified
Mon, 23 Sep 2024 09:00:47 GMT
Content-Range
bytes 0-473520/473521
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront)
accept-ranges
bytes
Content-Length
473521
x-amz-cf-pop
FRA60-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
66ffca4f2d23e2-19560998.gif
images.revcontent.com/revcontent/image/fetch/f_gif,fl_lossy,q_50,h_225,w_300,c_fill,g_faces:auto/https://media.revcontent.com/content/images/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_gif,fl_lossy,q_50,h_225,w_300,c_fill,g_faces:auto/https://media.revcontent.com/content/images/66ffca4f2d23e2-19560998.gif
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-77.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
f55ff293f49e54e50611100dbcfc6d936982bae9700490a6696222f726e3b4c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/

Response headers

x-request-id
ecd989617b672758991c5b255ebdd24b
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
etag
"095adaa3ae6cbee535828a1a4c4e4e68"
age
478035
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
lSzL96zO3XiKTli2UGxvJHv0lFUMhbYy28KSieX_gf0-OcyevPQ3SQ==
date
Sat, 05 Oct 2024 13:32:23 GMT
content-type
image/gif
last-modified
Sat, 05 Oct 2024 13:31:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=604800
cache-control
public, no-transform, max-age=604800
timing-allow-origin
*
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
cf-ray
8cddc6fc5f891fdc-IAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
222351
x-amz-cf-pop
FRA56-P2
server
cloudflare
ENT-E-THE-STREAM.OUTTERBANKS-80x60.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/ENT-E-THE-STREAM.OUTTERBANKS-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7d397006365404440aef0d318ea8f97868d4bb387d36371e64e92aeda27ce5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67070ea8-3be5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hqCpfsr9pgYx8WR488%2BtdlTAU7mU6MaGSF1KlsjA3XNQe456jTsaVzRnZCaq6Xjg1cElwOxb%2F36zU8GvnxyK0B%2BUAJH1z7E5Fv3UipGVui1L5BFVyOrdxvnI80Rz1azr6RjByA3muYkBARcr"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dcbb8f05c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
15333
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Wed, 09 Oct 2024 23:15:52 GMT
vary
Accept-Encoding
server
cloudflare
AP24243645551087-80x60.jpg
nsjonline.com/wp-content/uploads/2024/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsjonline.com/wp-content/uploads/2024/10/AP24243645551087-80x60.jpg
Requested by
Host: nsjonline.com
URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d26371712e0fd3165a403cdb3b32053642713bbee6e2484e3481b60b36b715

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"67016e88-2018"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hneo%2FDlrNa4HHqSB71eS4N6T0cJRX%2FjrPZhU9C0%2Fu3fYF9p%2BpQ8WNwNkmvOZ7IIvMzKx67pR03IVstUxHJe%2F3QJiDiJ3yNpzA0KZqoacbmsNjail7iQOeOHlOObA4Rny2DUVVa0ku1TbjMJM"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dcdd9915c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
8216
date
Fri, 11 Oct 2024 02:19:38 GMT
content-type
image/jpeg
last-modified
Sat, 05 Oct 2024 16:51:20 GMT
vary
Accept-Encoding
server
cloudflare
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://nsjonline.com/

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://nsjonline.com
date
Fri, 11 Oct 2024 02:19:38 GMT
x-envoy-upstream-service-time
2
vary
Origin
server
envoy
access-control-allow-credentials
true
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://nsjonline.com/

Response headers

x-rc-region
eu-west-1c
access-control-allow-origin
https://nsjonline.com
date
Fri, 11 Oct 2024 02:19:38 GMT
x-envoy-upstream-service-time
3
vary
Origin
server
envoy
access-control-allow-credentials
true
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nsjonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nsjonline.com
content-length
0
date
Fri, 11 Oct 2024 02:19:38 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.215.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-215-27.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nsjonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://nsjonline.com
content-length
0
date
Fri, 11 Oct 2024 02:19:38 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
eu-west-1c
page.php
www.facebook.com/v2.9/plugins/ Frame 7D8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.9/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7deb8f0934f3a82%26domain%3Dnsjonline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnsjonline.com%252Ff263c115ea831abd5%26relation%3Dparent.parent&container_width=298&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fnorthstatejournal&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d09a49fb77220c2b03f20d160c29f8f1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nsjonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 11 Oct 2024 02:19:39 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v15.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7424337073055123752"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7424337073055123752", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1328, tbw=2927, tp=-1, tpl=-1, uplat=84, ullat=0
x-fb-debug
kaiGeJ5EkZSHdc2tQeL6BVZ0adCX8FnDCtMwkAdYAJPuP75HOd30KVhf9uOwRFpxSogrhACoeaiHcdyhCAslEQ==
x-xss-protection
0
cropped-nc_webicon2-32x32.png
nsjonline.com/wp-content/uploads/2019/03/ 		318 B
764 B 		Other
General
Check archive.org
Download Go to
Full URL
https://nsjonline.com/wp-content/uploads/2019/03/cropped-nc_webicon2-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9548 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3207147f76123299c56402c065ee457564e43d954e7d766a6a0657cca9b5bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/

Response headers

cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"63c9e181-13e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VqtlP%2BgC5KuQ6%2B1HPOERMnW1g4%2BEsPAlOzea%2BUSEfGeGMUY2tYa7si%2BJtMfd0YzJ2EcKwCGcjXoG3GihnLfAWanTlwrHyFYJ8ngrLIWr8Taqj3rgR128ljn1qiJf6sKLeeXhn8iSPpbDL6%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
8d0b5dd30bdd5c02-FRA
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
318
date
Fri, 11 Oct 2024 02:19:39 GMT
content-type
image/png
last-modified
Fri, 20 Jan 2023 00:34:09 GMT
vary
Accept-Encoding
server
cloudflare

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| advanced_ads_ready object| advanced_ads_ready_queue function| admiral object| googletag function| jQuery object| advads_options object| advads object| html5 object| Modernizr object| advadsCfpQueue function| advadsCfpAd function| advanced_ads_check_adblocker object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga object| advadsTracking object| advanced_ads_pro_ajax_object object| advanced_ads_responsive object| advanced_ads_cookies object| advadsCfpInfo number| advanced_ads_resizetimeout number| advanced_ads_cookieexpires number| advanced_ads_browser_width object| info function| advanced_ads_resize_window function| advanced_ads_save_width function| advads_resize_delay function| advanced_ads_get_browser_width object| advanced_ads_pro object| advads_pro_utils object| Advads_passive_cb_Conditions object| advanced_ads_group_refresh object| AdvAdsTrackingUtils object| AdvAdsImpressionTracker object| AdvAdsClickTracker function| Advads_passive_cb_Placement function| Advads_passive_cb_Ad function| Advads_passive_cb_Group function| advads_postscribe object| lazySizes object| advads_admin_bar_items object| advads_has_ads object| advads_tracking_ads object| advads_tracking_urls object| advads_tracking_methods object| advads_tracking_parallel object| advads_tracking_linkbases object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| wpJsonRciWidget object| ua_result object| revcontent function| renderRCWidget object| advadsProCfp object| google_tag_manager object| __buffer function| 4dm1r11545242527 object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| PWT function| dspCriteoRTUSCallback function| dspCMCallback object| advads_passive_ads object| advads_passive_groups object| advads_passive_placements object| advads_placement_tests object| advads_ajax_queries object| advads_js_items

7 Cookies

Domain/Path Name / Value
nsjonline.com/ Name: advanced_ads_visitor
Value: %7B%22browser_width%22%3A1600%7D
.nsjonline.com/ Name: _ga
Value: GA1.2.1213008556.1728613178
.nsjonline.com/ Name: _gid
Value: GA1.2.786684786.1728613178
.nsjonline.com/ Name: _gat
Value: 1
.nsjonline.com/ Name: _ga_VS7ZFNTCNB
Value: GS1.2.1728613177.1.0.1728613177.0.0.0
nsjonline.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.nsjonline.com/ Name: _awl
Value: 2.1728613177.5-ced3d2c8e8c476a6c84447eb551cc282-6763652d6575726f70652d7765737431-0

1 Console Messages

Source Level URL
Text
network error URL: https://nsjonline.com/article/2021/06/south/-dakota/-gov/-noem/-rallies/-activists/-at/-ncgop/-lunch/
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
assets.revcontent.com
connect.facebook.net
drainpaste.com
fonts.googleapis.com
fonts.gstatic.com
hb.wpmucdn.com
images.revcontent.com
img.revcontent.com
media.revcontent.com
nsjonline.com
region1.google-analytics.com
static.adsafeprotected.com
trends.revcontent.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.nsjonline.com
yeet.revcontent.com
13.32.121.9
141.193.213.10
18.66.102.77
18.66.102.94
2001:4860:4802:32::36
23.212.206.110
2400:52e0:1e00::1082:1
2600:9000:223f:a800:8:48e:53c0:93a1
2606:4700:3033::ac43:9548
2606:4700::6812:196f
2a00:1450:4001:809::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
54.194.215.27
99.86.4.45
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
143fa3870c1a39f9b59f0e49c88df3db37488bb6f2b5cffe9118ad4772376e0e
15c1d00c7685f605003060aba0a1dec184d42a94bf74adfca005ba5550dc4076
1760bb9355d5a32c6b3d48ecf53dcfedeca08516b0b921682e9d0ce55ce74b26
17f13607632d930a8dc98386fb1d15efebe0f0a178897cd77ef26c23bfba8eaa
1c42fe8b25d562fb8a997b6b46e32c6d95d0c8d541e5a801b630b2f846fabf38
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
292d19d09c844a5aaa591391532ab6e735c0e55fb180ed4c9b34dda411ad569e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6bd594936ac54ed1ac4bd8e091d19ec7b0374be8284bfc0ee06a0ac6c1b2c8
2c92b77fb691f3878caaba605715426e911eb96311edeb35618dcea5ac808fc1
2ccc090e261b2ef1ebaa61f5868caaeabae88333d8dd487951f4c64664b140fb
2d1443b4156a839c0742083a2345eac03e45ad8815a7508d207296361cf21375
2fcf84307f4bdebeb5ad1c0de91d025ff377eb574da180361b98c3dbc73d7ee3
326b42472fd642b93e48b8537239f0c2a492273a869c02b3c40e91760b6ae80b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
413325b373f45de2f7bbc7f2daf1b085bbfc43e80200b9f6891d99ecdcbfdf80
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
461b3d1bfd86840a1fb401ac880a1d110fc8c012467fdfda73115cd9edd432b7
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
482b97db7e50f701427afbc12a9ddb926778ed5d6d38a2fca8073db8d5a2e6fc
4e150b92ec569d23b920a985cced6b566d99cc3cf0b26e2ef79eb5ff72d221ae
5048825e1412e43dd523f9ebfd913d4e0f5b8e8afda1693c6e82739c9221cb24
519761d4ccdbeb1a7a953c27a1a6a10c3ed1535963631658a832df5b2a401109
656d16664e954ad0dc6cebaf693932c63b583bb506e029d780d816d28b84ee51
673d740932985e9673787bc46c89948d087ee45a5b69e2b424e2fceeed27f051
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
882123ace32fb7456b28d3f9beaf4456111a13a2e004c37ebbbfbf8fa005327e
89098d352a4b47acea4ee68686c9796262aabe7d4d799b2128162b087859089b
8fa5deb87fcd2378185227321ae20ce283f190455da484428fe964250e7bce59
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
aacd798d91b564eeb9beaaaec825eb008aa6ec573b4a2e72867c49ac7db9e191
ab3207147f76123299c56402c065ee457564e43d954e7d766a6a0657cca9b5bf
af34de8c1c557576aabffb9b9ab777850208ad5dde3bc615e65cc8f613f6f3c8
b6d6d72ea37a63c0de2defa6de6fe8cbef64ae1f8e4780733c3059956a3d0aa9
b6e93c2a2c718e7110a4806ea290975c3da592d1a8931fea07654486aa40c1ea
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4d4233a44f3ae1cef58b97a2e551008e9a8a5403b1c26c67136a0a20f9c7eb1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1d7c66f52204f2add5c999e3fe763678c97de3c867b74fa0ea84af41ba312d6
d2e4537e92ee06780895bca5b7c31216e42b5bf36a2b79b67b63c129f2725c89
d62ed3d138e5f82fbe639dfef2a8600b18d8cd4ae8b7b3bcd99195aba96fbbd5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d26371712e0fd3165a403cdb3b32053642713bbee6e2484e3481b60b36b715
eacbf67662026debc60b70c2808b46fd4bdf4f86c86233855e7aed555e9af861
f277fb4f8066338908221878a05fb5ecca91e60c86c84fa621b8b53e26e93e1c
f5285515bf363153d3aa9ed5f966d48ef395bb1f5c853ad2704b79b29d2be692
f55ff293f49e54e50611100dbcfc6d936982bae9700490a6696222f726e3b4c4
fa7d397006365404440aef0d318ea8f97868d4bb387d36371e64e92aeda27ce5
fb926b2f4687f99ff61ad98199c78d436a0551c49bfd7259d50722c88c63c5eb