urlscan.io logo urlscan.io
SecurityTrails logo

nbcnewscde.link Open in urlscan Pro
172.67.208.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nbcnewscde.link/
Effective URL: https://nbcnewscde.link/
Submission Tags: scythethephish
Submission: On June 16 via api from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 5 countries across 15 domains to perform 41 HTTP transactions. The main IP is 172.67.208.29, located in United States and belongs to CLOUDFLARENET, US. The main domain is nbcnewscde.link.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.
This is the only time nbcnewscde.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 172.67.208.29 13335 (CLOUDFLAR...)
9 34.120.220.213 396982 (GOOGLE-CL...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
2 119.8.184.92 136907 (HWCLOUDS-...)
5 216.58.206.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 20.119.174.243 8075 (MICROSOFT...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
3 192.124.249.58 30148 (SUCURI-SEC)
1 104.18.97.112 13335 (CLOUDFLAR...)
2 2620:12a:8001::3 54113 (FASTLY)
1 172.67.180.168 13335 (CLOUDFLAR...)
1 18.245.46.123 16509 (AMAZON-02)
1 130.211.28.102 396982 (GOOGLE-CL...)
41 19
1    172.67.208.29 (United States)

ASN13335 (CLOUDFLARENET, US)
nbcnewscde.link
9    34.120.220.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.220.120.34.bc.googleusercontent.com
static.cdns.space
2    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    119.8.184.92 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-184-92.compute.hwclouds-dns.com
gbw.cmpc.fun
5    216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
r.clarity.ms
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    192.124.249.58 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10058.sucuri.net
unitingaviation.com
1    104.18.97.112 (None, )

ASN13335 (CLOUDFLARENET, US)
www.flightradar24.com
2    2620:12a:8001::3 (United States)

ASN54113 (FASTLY, US)
www.universalweather.com
1    172.67.180.168 (United States)

ASN13335 (CLOUDFLARENET, US)
fearoflanding.com
1    18.245.46.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-123.fra56.r.cloudfront.net
s30378.pcdn.co
1    130.211.28.102 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 102.28.211.130.bc.googleusercontent.com
app.webfx.com
Apex Domain
Subdomains		 Transfer
9 cdns.space
static.cdns.space — Cisco Umbrella Rank: 741754
103 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
214 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 776
r.clarity.ms — Cisco Umbrella Rank: 7770
c.clarity.ms — Cisco Umbrella Rank: 1472
28 KB
4 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 3907
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 630
1 KB
3 unitingaviation.com
unitingaviation.com — Cisco Umbrella Rank: 968525
1 MB
2 universalweather.com
www.universalweather.com — Cisco Umbrella Rank: 713521
90 KB
2 cmpc.fun
gbw.cmpc.fun — Cisco Umbrella Rank: 258257
15 KB
1 webfx.com
app.webfx.com — Cisco Umbrella Rank: 523286
120 KB
1 pcdn.co
s30378.pcdn.co
35 KB
1 fearoflanding.com
fearoflanding.com — Cisco Umbrella Rank: 798729
187 KB
1 flightradar24.com
www.flightradar24.com — Cisco Umbrella Rank: 40182
2 MB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 226
761 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
88 KB
1 nbcnewscde.link
nbcnewscde.link
2 KB
41 15
Domain Requested by
9 static.cdns.space nbcnewscde.link
static.cdns.space
5 pagead2.googlesyndication.com static.cdns.space
pagead2.googlesyndication.com
3 unitingaviation.com
3 r.clarity.ms www.clarity.ms
2 www.universalweather.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 c.clarity.ms 1 redirects
2 firebaseinstallations.googleapis.com static.cdns.space
2 gbw.cmpc.fun static.cdns.space
2 firebase.googleapis.com static.cdns.space
2 www.clarity.ms nbcnewscde.link
www.clarity.ms
1 app.webfx.com
1 s30378.pcdn.co
1 fearoflanding.com
1 www.flightradar24.com
1 c.bing.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com static.cdns.space
1 nbcnewscde.link
41 19

This site contains no links.

Subject Issuer Validity Valid
nbcnewscde.link
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
*.cdns.space
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2024-05-17 -
2025-05-17		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.cmpc.fun
RapidSSL TLS RSA CA G1		 2023-11-07 -
2024-11-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
unitingaviation.com
Go Daddy Secure Certificate Authority - G2		 2024-01-19 -
2025-01-19		 a year crt.sh
*.flightradar24.com
Go Daddy Secure Certificate Authority - G2		 2023-06-13 -
2024-07-14		 a year crt.sh
universalweather.com
R3		 2024-05-19 -
2024-08-17		 3 months crt.sh
fearoflanding.com
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
pcdn.co
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-08		 a year crt.sh
app.webfx.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://nbcnewscde.link/
Frame ID: 83C9B7E9393B4239AAE6C51FDC6B584C
Requests: 36 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: 4630F6DB53CC44E21CE7C27AE845B335
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718499491&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fnbcnewscde.link%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_4~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718499491110&bpp=3&bdt=180&idt=115&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3627520490641&frm=20&pv=2&ga_vid=1188200995.1718499491&ga_sid=1718499491&ga_hid=1512546671&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084128%2C44798934%2C95334510%2C95334528%2C95334571%2C95334053%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4001121703876274&tmod=1534721485&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=138
Frame ID: 67D6656604F982973BB34EC6CF90D920
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C18CDDF0368285002725183A2AAB9EE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

News

Page URL History Show full URLs

  1. http://nbcnewscde.link/ HTTP 307
    https://nbcnewscde.link/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

41
Requests

95 %
HTTPS

42 %
IPv6

15
Domains

19
Subdomains

19
IPs

5
Countries

4241 kB
Transfer

5061 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nbcnewscde.link/ HTTP 307
    https://nbcnewscde.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D9A00280630944EB8343C55CBE63B73D&RedC=c.clarity.ms&MXFR=2C70452F85EA6A411A50518F81EA6407 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9A00280630944EB8343C55CBE63B73D&MUID=15E6FD42CD4967701555E9E2CC9B6612

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nbcnewscde.link/
Redirect Chain
  • http://nbcnewscde.link/
  • https://nbcnewscde.link/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nbcnewscde.link/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7570b6c8a68ea4d88f47344601e2aa665666629233b8cf826694b1507377183d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8946d996fffd9f52-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 16 Jun 2024 00:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCkrFZXcwRq5yrK6xTcn9uoeKBabyAvpzoRg8KMpcV2T8HLROb1LAowZlF%2FV1g2ZFnshGGg845VgsYqdkB45TyGozn6To3t45dx%2FysXcW68X74j1tW0egrevhpDwfYbSDRc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express

Redirect headers

Location
https://nbcnewscde.link/
Non-Authoritative-Reason
HttpsUpgrades
bundle.axios.b49b59d3.js
static.cdns.space/news/js/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle.axios.b49b59d3.js
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:16 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVL2scHsKaQaYnbPrB0z/lzmZk4H+H+
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
336834
etag
"2dce5340d1ce5bacfc134b5b734c7035"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A798E0B980FBF11A7FEB677
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12044
bundle._firebase.96fdd5c4.js
static.cdns.space/news/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
879a8ff307ce35a2d4087794dbf886d7d3e6d8a9b78d36eac890b506822fb674

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:16 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSfAcWncdrziXhwSJLh6WG5VhtINh9ol
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
336834
etag
"363563600e2b9ef6c072391f98e8e640"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A798E11980FBFFCA80A1DAD
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12072
main.95b757a0.js
static.cdns.space/news/ 		233 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/main.95b757a0.js
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
1867103221d661e54c1578fde84ef2ae26b30032de844760fd4e5c347bd06f8f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 08:16:37 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS1AahViogSussz9LYC0Kk9nh0fXQLXs
via
1.1 google
server
OBS
last-modified
Fri, 14 Jun 2024 08:10:17 GMT
age
146493
etag
"e8ec2cb83f5274df9a34934e4d123293"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
0000019015D1EABD941525306B141D75
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68668
home.84f138d9.css
static.cdns.space/news/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/css/home.84f138d9.css
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
2d888d1a1a95aed1aedfff14ed06d498fc36f46d3141e9e396990e222fcd08d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:53:21 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSqyZPDK4TcgSXf4BfqsQeOyNHuKm/u0
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:47:46 GMT
age
237889
etag
"2c44e6f5cdbeebab36be19ef818b0eea"
content-type
text/css
cache-control
public,max-age=2592000
x-obs-request-id
00000190105F53BD941CA4599866514A
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1224
home.1d669a85.js
static.cdns.space/news/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/home.1d669a85.js
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
06dc95ebccdc6c2f7fb67ac1317a8906ba3dc612870befcdc0453a7e22aa9e30

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:33:14 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSgo5/h81ar+J76CSBmyQqwZ9avMLuzP
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:27:56 GMT
age
239096
etag
"00c8787cbc6b315407004f769cb9629d"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
00000190104CEAAD980C29CFD47402AB
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2468
mr8qhckurd
www.clarity.ms/tag/ 		637 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/mr8qhckurd
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
62de50eb0d5a2ff6fd80872df6ddf0ae1cf88144964695b5b353637dbcb2865b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Sun, 16 Jun 2024 00:58:11 GMT
x-azure-ref
20240616T005811Z-r1695cb7469qv8csmvb7m0dw140000000490000000008n2d
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
chunk-55ef3d61.79a31e29.css
static.cdns.space/news/css/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/css/chunk-55ef3d61.79a31e29.css
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:53:21 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSPthFrPYKshkha2Cr+yslT3HK+s0kSN
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:47:46 GMT
age
237889
etag
"7afc9172a7d1c0d2bb9f695d5060fdca"
content-type
text/css
cache-control
public,max-age=2592000
x-obs-request-id
00000190105F53C09412F3429A2DBFCD
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
986
bundle.core-js.960643ae.js
static.cdns.space/news/js/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle.core-js.960643ae.js
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:16 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVgkb65BjgWEU5RSiA1zW8Qx2AGi09P
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
336834
etag
"829750d9fb3f84b43a102ec93ef40e93"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A798E1698085F191AE0CF21
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
chunk-55ef3d61.ad15843b.js
static.cdns.space/news/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/chunk-55ef3d61.ad15843b.js
Requested by
Host: nbcnewscde.link
URL: https://nbcnewscde.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:33:16 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSdwHCzwbZURuIDtKu2VMEuUZ6ZD3qPs
via
1.1 google
server
OBS
last-modified
Thu, 13 Jun 2024 06:27:55 GMT
age
239094
etag
"4ea5949ed002270181fe8c240040970f"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
00000190104CF0F490175529DF92576B
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2174
bundle.core-js.960643ae.js
static.cdns.space/news/js/ 		14 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cdns.space/news/js/bundle.core-js.960643ae.js
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/main.95b757a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.220.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
213.220.120.34.bc.googleusercontent.com
Software
OBS /
Resource Hash
2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 03:24:16 GMT
content-encoding
br
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVgkb65BjgWEU5RSiA1zW8Qx2AGi09P
via
1.1 google
server
OBS
last-modified
Wed, 12 Jun 2024 03:18:44 GMT
age
336834
etag
"829750d9fb3f84b43a102ec93ef40e93"
content-type
application/javascript
cache-control
public,max-age=2592000
x-obs-request-id
000001900A798E1698085F191AE0CF21
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:8a101a782185fbf10670b6/ 		268 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:8a101a782185fbf10670b6/webConfig
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd9e65a32d833234a0374782a9e9eb8a622c8eb6cad3babbb9260d5723a39eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
accept
application/json
Referer
https://nbcnewscde.link/
x-goog-api-key
AIzaSyC1P6oiqJZv89IwYZ7ONsiuUqI85cI_pbI
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nbcnewscde.link
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
194
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:8a101a782185fbf10670b6/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:883227955075:web:8a101a782185fbf10670b6/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://nbcnewscde.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://nbcnewscde.link
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 16 Jun 2024 00:58:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
summary
gbw.cmpc.fun/v1/tc/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gbw.cmpc.fun/v1/tc/a/summary
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.8.184.92 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-184-92.compute.hwclouds-dns.com
Software
elb /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nbcnewscde.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Sun, 16 Jun 2024 00:58:11 GMT
Server
elb
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/home.1d669a85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
9fac4dc5ceeb61b115ee4062fce66c598eb77eca646e1584dffa40aadc862fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Origin
https://nbcnewscde.link
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52022
x-xss-protection
0
server
cafe
etag
4034347287737567714
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 16 Jun 2024 00:58:11 GMT
summary
gbw.cmpc.fun/v1/tc/a/ 		15 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gbw.cmpc.fun/v1/tc/a/summary
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle.axios.b49b59d3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.8.184.92 Singapore, Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-119-8-184-92.compute.hwclouds-dns.com
Software
elb /
Resource Hash
e42aa6daf9c9c3ce2ab416232728f12bc689d40b0fb74bcfe59ca229385be7b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 16 Jun 2024 00:58:12 GMT
Server
elb
Transfer-Encoding
chunked
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
installations
firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/ 		625 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/installations
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98f7b3d3150a2fcc6bc0d44bc4bcae45ed92bc1039137ac66cc883c1fb0c14b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIzLjAgZmlyZS1paWQvMC42LjQgZmlyZS1paWQtZXNtMjAxNy8wLjYuNCBmaXJlLWFuYWx5dGljcy8wLjEwLjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjEwLjAiLCJkYXRlcyI6WyIyMDI0LTA2LTE2Il19XX0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://nbcnewscde.link/
x-goog-api-key
AIzaSyC1P6oiqJZv89IwYZ7ONsiuUqI85cI_pbI
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nbcnewscde.link
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/bbcmnop-com0612/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://nbcnewscde.link
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://nbcnewscde.link
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 16 Jun 2024 00:58:11 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 		426 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=nbcnewscde.link&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3125188477567991
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
f6c40e9d31e3d6ebd418ab3cf2dd8dbdebdc9e0c774d3dafed40338120771223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147282
x-xss-protection
0
server
cafe
etag
3447766604882093766
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 16 Jun 2024 00:58:11 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mr8qhckurd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240616T005811Z-r1695cb7469qv8csmvb7m0dw140000000490000000008n2p
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
6c728f9f-801e-0015-2192-b53968000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
js
www.googletagmanager.com/gtag/ 		247 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-K0Q7PRSWL0
Requested by
Host: static.cdns.space
URL: https://static.cdns.space/news/js/bundle._firebase.96fdd5c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e356a6c277b56328f350f27935ea9d59d653a2aecac0aeb2393e6ddc5a7c2a04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89886
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 16 Jun 2024 00:58:11 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K0Q7PRSWL0&gtm=45je46c0v9187591657za200&_p=1718499491119&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&_fid=diJKlfORsIFXj08pOf3ViD&cid=1188200995.1718499491&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718499491&sct=1&seg=0&dl=https%3A%2F%2Fnbcnewscde.link%2F&dt=News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1136&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-K0Q7PRSWL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 00:58:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nbcnewscde.link
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame 4630 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=nbcnewscde.link&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nbcnewscde.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
17991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 19:58:20 GMT
etag
16861080603521627538
expires
Sat, 29 Jun 2024 19:58:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 67D6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-3125188477567991&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1718499491&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fnbcnewscde.link%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_4~29_11&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718499491110&bpp=3&bdt=180&idt=115&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=3627520490641&frm=20&pv=2&ga_vid=1188200995.1718499491&ga_sid=1718499491&ga_hid=1512546671&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31084128%2C44798934%2C95334510%2C95334528%2C95334571%2C95334053%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4001121703876274&tmod=1534721485&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=nbcnewscde.link&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nbcnewscde.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 16 Jun 2024 00:58:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
r.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://nbcnewscde.link
Date
Sun, 16 Jun 2024 00:58:11 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D9A00280630944EB8343C55CBE63B73D&RedC=c.clarity.ms&MXFR=2C70452F85EA6A411A50518F81EA6407
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9A00280630944EB8343C55CBE63B73D&MUID=15E6FD42CD4967701555E9E2CC9B6612
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9A00280630944EB8343C55CBE63B73D&MUID=15E6FD42CD4967701555E9E2CC9B6612
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nbcnewscde.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 00:58:11 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 16 Jun 2024 00:58:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EA771A910CCC47B994221843DA99B091 Ref B: FRAEDGE1213 Ref C: 2024-06-16T00:58:11Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D9A00280630944EB8343C55CBE63B73D&MUID=15E6FD42CD4967701555E9E2CC9B6612
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=nbcnewscde.link&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f2.1e100.net
Software
cafe /
Resource Hash
62bb9c05d65e1419f6674d465480ef4c185c7703f0c83556907e5289045abd46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12734
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3125188477567991&plah=nbcnewscde.link&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 16 Jun 2024 00:58:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C18C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nbcnewscde.link/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
19248
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 15 Jun 2024 19:37:23 GMT
expires
Sun, 15 Jun 2025 19:37:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
r.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://nbcnewscde.link
Date
Sun, 16 Jun 2024 00:58:12 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
truncated
/ 		83 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
Salazar-Trudeau-Canada.jpg
unitingaviation.com/wp-content/uploads/2024/06/ 		841 KB
843 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitingaviation.com/wp-content/uploads/2024/06/Salazar-Trudeau-Canada.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10058.sucuri.net
Software
nginx /
Resource Hash
86c9999ec89373df4022ca828ca9bfa055b11836e9119211d794a68710589c0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:12 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300
x-sucuri-cache
HIT
content-length
861628
x-xss-protection
1; mode=block
last-modified
Wed, 05 Jun 2024 13:51:24 GMT
server
nginx
etag
"be2758-d25bc-61a24dcc02671"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15008
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Las-Vegas.jpg
www.flightradar24.com/blog/wp-content/uploads/2024/06/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flightradar24.com/blog/wp-content/uploads/2024/06/Las-Vegas.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.97.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b675d0296b26de43004d2887a5b71236c0c9cadcb3da5b3e452041aff92ac8f7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:12 GMT
cf-cache-status
HIT
age
3645
x-cache
BYPASS
alt-svc
h3=":443"; ma=86400
content-length
1908758
x-xss-protection
1; mode=block
cf-bgj
h2pri
last-modified
Tue, 11 Jun 2024 02:50:10 GMT
server
cloudflare
etag
"6667bb62-1d2016"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8946d9a6afa42c73-FRA
expires
Sun, 16 Jun 2024 04:58:12 GMT
Mind-the-Gap-.jpg
unitingaviation.com/wp-content/uploads/2024/04/ 		384 KB
385 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitingaviation.com/wp-content/uploads/2024/04/Mind-the-Gap-.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10058.sucuri.net
Software
nginx /
Resource Hash
4cebc0ae540c98fe572ee900c9b547cb2b3a1c1736a15cec39556c82ca073f69
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:12 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300
x-sucuri-cache
HIT
content-length
393618
x-xss-protection
1; mode=block
last-modified
Wed, 03 Apr 2024 15:34:16 GMT
server
nginx
etag
"f00db9-60192-61532f49296c6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15008
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
UA-Article-Newsletter-Subscription-1180x560px.png
unitingaviation.com/wp-content/uploads/2024/01/ 		266 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unitingaviation.com/wp-content/uploads/2024/01/UA-Article-Newsletter-Subscription-1180x560px.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.58 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10058.sucuri.net
Software
nginx /
Resource Hash
b272389cdb9f185d96315c94e58c8d17ba67002edd076c8fadbd92d91de09051
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:12 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=300
x-sucuri-cache
HIT
content-length
271952
x-xss-protection
1; mode=block
last-modified
Mon, 15 Jan 2024 14:10:39 GMT
server
nginx
etag
"be1c34-42650-60efc9418cff8"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
15008
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
DALL%C2%B7E-2024-06-08-13.45.22-A-photorealistic-image-of-the-British-Grand-Prix-at-Silverstone.-The-scene-features-a-Formula-1-race-car-decorated-with-the-British-flag-speeding-down-750x375.webp
www.universalweather.com/blog/wp-content/uploads/2024/06/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.universalweather.com/blog/wp-content/uploads/2024/06/DALL%C2%B7E-2024-06-08-13.45.22-A-photorealistic-image-of-the-British-Grand-Prix-at-Silverstone.-The-scene-features-a-Formula-1-race-car-decorated-with-the-British-flag-speeding-down-750x375.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e882157a5cbe70ec59afff290d7aa8f86f07fd7a65117676c4f68f1cb268493
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-pantheon-styx-hostname
styx-fe3-b-c76655bb7-lfp2s
strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sun, 16 Jun 2024 00:58:12 GMT
age
214309
x-cache
HIT, HIT, MISS, MISS, MISS
expires
Mon, 09 Jun 2025 18:55:35 GMT
content-length
41156
x-served-by
cache-chi-klot8100024-CHI, cache-ams21058-AMS, cache-ams21030-AMS, cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
last-modified
Sat, 08 Jun 2024 18:46:20 GMT
server
nginx
x-timer
S1718499493.929524,VS0,VE14
etag
"6664a6fc-a0c4"
content-type
image/webp
x-styx-req-id
b0666302-25c8-11ef-b5dd-265184156450
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 130086, 0, 0, 0
Screenshot-from-2024-06-07-19-26-19-640x430.png
fearoflanding.com/files/2024/06/ 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fearoflanding.com/files/2024/06/Screenshot-from-2024-06-07-19-26-19-640x430.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81861971cd791419ec12f3976ec09c37800d68e0f577d7342b1c92e5ad0adb01
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
720243
alt-svc
h3=":443"; ma=86400
content-length
190830
last-modified
Fri, 07 Jun 2024 16:26:36 GMT
server
cloudflare
etag
"3eb936b90f1a9af8aec1e1fb70c83235"
x-frame-options
SAMEORIGIN, SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8dJIWuBkonOwHKtsQPNFM593xBbjscs7VMCUiB2byXvBcwiU5x6t0dKpBRMIevTnCE85gRh8BfiLNyCkAIKdSkD1qaas%2BJD1qtpDTNoSnHB1BdkcpL2XKcjs8r4Ihb%2FpbcKzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8946d9a6ae3d3655-FRA
expires
Mon, 09 Aug 2027 02:40:49 GMT
ASCoverPhoto_Oct-1-220x300.jpg
s30378.pcdn.co/wp-content/uploads/2019/11/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s30378.pcdn.co/wp-content/uploads/2019/11/ASCoverPhoto_Oct-1-220x300.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-123.fra56.r.cloudfront.net
Software
cloudflare /
Resource Hash
715db1f24d0c5413ae2b33325be71094108fee71441fdb921c61bc874d0fb53d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 07:25:52 GMT
via
1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P9
age
1099940
x-cache
Hit from cloudfront
content-length
34856
x-gateway-cache-status
MISS
x-gateway-request-id
89cd4018a913de55c5708928fdde2f77
last-modified
Thu, 07 Nov 2019 16:28:48 GMT
server
cloudflare
etag
"5dc44640-8828"
vary
Accept-Encoding
x-gateway-skip-cache
0
content-type
image/jpeg
x-gateway-cache-key
1707321510.988||https|www.aviationsafetymagazine.com|||/wp-content/uploads/2019/11/ASCoverPhoto_Oct-1-220x300.jpg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CMEVd4oB9iF9gmmpIRwPZfHIqykSBwIyU3mAkjZEsdK7iF%2F5MJuv%2BIJ%2Bj2GBGagbECAg6YPK6cBh4Kr9udyLNJZ41kUVqkMOf66YmPR78oRIns%2F%2FUp9nU0a%2FMWjyAHPTMwv8fNt5y%2B%2FT5NvNiXFYzzI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
88ddf3a07f402be6-FRA
x-amz-cf-id
f-PCrqExKi3v96fqsBVkP9OStbhzzkhBnXn1lD07VDXaF5bqT8sizw==
expires
Wed, 03 Jul 2024 07:25:52 GMT
israel-ops-pt3-750x375.jpg
www.universalweather.com/blog/wp-content/uploads/2023/07/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.universalweather.com/blog/wp-content/uploads/2023/07/israel-ops-pt3-750x375.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:12a:8001::3 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53421cb8a1dee93003bb21a13dfd51cc2a74ecff86bc0adf6693319da2913667
Security Headers
Name Value
Strict-Transport-Security max-age=31622400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
4305, 134582, 0, 0, 0
strict-transport-security
max-age=31622400
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Sun, 16 Jun 2024 00:58:12 GMT
age
214309
x-cache
HIT, HIT, MISS, MISS, MISS
expires
Tue, 18 Feb 2025 18:32:54 GMT
content-length
49753
x-served-by
cache-chi-klot8100134-CHI, cache-ams2100107-AMS, cache-ams21075-AMS, cache-fra-eddf8230051-FRA, cache-fra-eddf8230051-FRA
backend-ip-port
7ASqNxevWrE186HznHoMeq--F_styx_fe3_a_sharedvpc_dmz_01
last-modified
Fri, 07 Jul 2023 16:56:53 GMT
server
nginx
x-timer
S1718499493.929628,VS0,VE13
etag
"64a843d5-c259"
content-type
image/jpeg
x-styx-req-id
21821117-ce8c-11ee-8c3e-0606ae8e85e6
cache-control
max-age=31622400
accept-ranges
bytes
x-pantheon-styx-hostname
styx-fe3-a-768586b58-zxh75
259731600
app.webfx.com/uploads/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.webfx.com/uploads/259731600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.28.102 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
102.28.211.130.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
5519b4aac40cd09c1272435a418262424952157cc9b540eb9273346de1c75e15
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.marketingcloudfx.com https://app.nutshell.com https://wp.operationsfx.com https://wp.staging.operationsfx.com ; frame-ancestors 'self' https://*.marketingcloudfx.com https://app.webfx.com https://*.app.dev.webfx.com https://app.nutshell.com https://wp.operationsfx.com https://wp.staging.operationsfx.com ; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:58:13 GMT
strict-transport-security
max-age=31536000, max-age=31536000
via
1.1 google, 1.1 google
content-security-policy
form-action 'self' https://*.marketingcloudfx.com https://app.nutshell.com https://wp.operationsfx.com https://wp.staging.operationsfx.com ; frame-ancestors 'self' https://*.marketingcloudfx.com https://app.webfx.com https://*.app.dev.webfx.com https://app.nutshell.com https://wp.operationsfx.com https://wp.staging.operationsfx.com ; upgrade-insecure-requests
server
nginx
x-powered-by
Express
allow
GET,POST,PATCH,PUT,DELETE
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
content-disposition
inline; filename=01-travelers-enjoy-enhanced-flexibility.jpg
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jul 2024 00:58:13 GMT
collect
r.clarity.ms/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://nbcnewscde.link/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://nbcnewscde.link
Date
Sun, 16 Jun 2024 00:58:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=4001121703876274&bg=!dnWldTrNAAb64txl2uI7ADQBe5WfOM55HaezzK_TlukcZ7pwRiAj-Egqf3VPo8n7gv7KPrpSuf2tkU4_uas6fbK53JbAAgAAADRSAAAABWgBB34ANTqqxC16NXWFzvnUivCaYCXcTZw0DIsxWWAVBm8vUsDLrcdwd-hbQyE1P370d7z-mx0-S4PkmQKaz5dUO7q4jh5Lnl-y8yWNbJ1gXeAZwZk-YeGpHCsy6KSWmPx3ytGEHBQVubZ6oTPBBZCrGiVVG5HdHmnCA2wC-rPyZc0qPDSivP-0BuOl6t3emiC4hzAhcHkR6IFKit72H2dTAKEvvSiRvafE4GSo9-NKO1Np3lV6OTd_AqiI4xZXWLumGqq-Tz7UNI3V6hrq5_NL29iDBXCdZM3z1sLztCrTYLosShuFUzcxQ1tPZBoOQSGLeHyXZOpPY4Pu81Xu1e-7aybCS9jFgMcPcCrbgGAtpHMVnLJEKjcng-PXiloHWYU1wudK3gsf4EQvrgFzd_ZX5b23Y9zS5OpSzgFu9W9sW1xgC69cFXxGfxBSRCbJFiE7j1-GDGM3zz1vTN4sZTW4tvrjMkEn4VcFzgJ1dw132QyAW-Yefs96Q4snuNyIX7BXHjLEzQ1AlmI7CMntm1TBQioBjXuSDdNMwFXo4dJkmOI17-Rw2GjdlxAIXYIdHR7EB4M9e2onUZGqBGX8qVo7WFHCtQRf3imAXWB2uesZBPneEqB3svi5TO8p6z1qarEgaz2wMEGezpeTze5ywUzwcatVzyFhQHtnTD1Y-33YWZszQItejVMb7Wl3L8YQEIf3W-uSS6pgN-sgLaXrD_31VPFTkYnEnanf-1rt_4vNDd9X1DpyVN6RFskbUQzrfQV_wp33j_J3yXapAcA6L87nwwRFxJnnkrdaOD1q0jQj24niJtgsCY_8zZ9v75urQMjQwLy-rZRhjkTCdZCrj1iZa7hDSScpNMD0R7HKOl-50o0aoxpurQMtyndqU_kui970O88-O5zHcHzrqVYUquXpugyv33nuekCk9czSrbELId1J2adAiSQRILuc-kP7DzBLzuOhULT8

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| clarity object| __INITIAL_STATE__ object| webpackJsonp object| dataLayer function| gtag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 9f74c0dfc1b04758bc64287fd73b43a0.20240616.20250616
.nbcnewscde.link/ Name: _clck
Value: yizdk0%7C2%7Cfmo%7C0%7C1628
.nbcnewscde.link/ Name: _ga_K0Q7PRSWL0
Value: GS1.1.1718499491.1.0.1718499491.0.0.0
.nbcnewscde.link/ Name: _ga
Value: GA1.1.1188200995.1718499491
.bing.com/ Name: MUID
Value: 15E6FD42CD4967701555E9E2CC9B6612
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 15E6FD42CD4967701555E9E2CC9B6612
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 15E6FD42CD4967701555E9E2CC9B6612
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.nbcnewscde.link/ Name: _clsk
Value: 1s6rrcj%7C1718499491625%7C1%7C1%7Cr.clarity.ms%2Fcollect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.webfx.com
c.bing.com
c.clarity.ms
fearoflanding.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
gbw.cmpc.fun
nbcnewscde.link
pagead2.googlesyndication.com
r.clarity.ms
region1.google-analytics.com
s30378.pcdn.co
static.cdns.space
tpc.googlesyndication.com
unitingaviation.com
www.clarity.ms
www.flightradar24.com
www.googletagmanager.com
www.universalweather.com
pagead2.googlesyndication.com
104.18.97.112
119.8.184.92
130.211.28.102
172.67.180.168
172.67.208.29
18.245.46.123
192.124.249.58
20.119.174.243
2001:4860:4802:34::36
216.58.206.66
2620:12a:8001::3
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:803::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2001
34.120.220.213
68.219.88.97
06dc95ebccdc6c2f7fb67ac1317a8906ba3dc612870befcdc0453a7e22aa9e30
1867103221d661e54c1578fde84ef2ae26b30032de844760fd4e5c347bd06f8f
2b52caddecc00d834db84af3ea143970d26ed06ba594d5cf340b9c8f77d4c3ce
2d888d1a1a95aed1aedfff14ed06d498fc36f46d3141e9e396990e222fcd08d4
4cebc0ae540c98fe572ee900c9b547cb2b3a1c1736a15cec39556c82ca073f69
53421cb8a1dee93003bb21a13dfd51cc2a74ecff86bc0adf6693319da2913667
5519b4aac40cd09c1272435a418262424952157cc9b540eb9273346de1c75e15
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bb9c05d65e1419f6674d465480ef4c185c7703f0c83556907e5289045abd46
62de50eb0d5a2ff6fd80872df6ddf0ae1cf88144964695b5b353637dbcb2865b
715db1f24d0c5413ae2b33325be71094108fee71441fdb921c61bc874d0fb53d
7570b6c8a68ea4d88f47344601e2aa665666629233b8cf826694b1507377183d
81861971cd791419ec12f3976ec09c37800d68e0f577d7342b1c92e5ad0adb01
81cfd5a6139bef8ca4a6119ce20e9f674fc1c92fcc6a09dc4cdb7a9b4c10cb71
86c9999ec89373df4022ca828ca9bfa055b11836e9119211d794a68710589c0a
879a8ff307ce35a2d4087794dbf886d7d3e6d8a9b78d36eac890b506822fb674
98f7b3d3150a2fcc6bc0d44bc4bcae45ed92bc1039137ac66cc883c1fb0c14b6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e882157a5cbe70ec59afff290d7aa8f86f07fd7a65117676c4f68f1cb268493
9fac4dc5ceeb61b115ee4062fce66c598eb77eca646e1584dffa40aadc862fb1
b272389cdb9f185d96315c94e58c8d17ba67002edd076c8fadbd92d91de09051
b675d0296b26de43004d2887a5b71236c0c9cadcb3da5b3e452041aff92ac8f7
e356a6c277b56328f350f27935ea9d59d653a2aecac0aeb2393e6ddc5a7c2a04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42aa6daf9c9c3ce2ab416232728f12bc689d40b0fb74bcfe59ca229385be7b0
ecca21d29891d8a2205f4c6921218c7ab109f8885968a40f3d6c2e18172e1058
f6c40e9d31e3d6ebd418ab3cf2dd8dbdebdc9e0c774d3dafed40338120771223
fd9e65a32d833234a0374782a9e9eb8a622c8eb6cad3babbb9260d5723a39eed