urlscan.io logo urlscan.io
SecurityTrails logo

nxslink.thehill.com Open in urlscan Pro
107.20.71.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nxslink.thehill.com/oc/6230d993b246d10495313c6dl46hs.nc0/d35efce8
Effective URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Submission: On May 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 32 HTTP transactions. The main IP is 107.20.71.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is nxslink.thehill.com. The Cisco Umbrella rank of the primary domain is 414003.
TLS certificate: Issued by R3 on April 26th 2024. Valid for: 3 months.
This is the only time nxslink.thehill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 107.20.71.201 14618 (AMAZON-AES)
1 18.66.192.76 16509 (AMAZON-02)
1 151.101.2.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.173.187.41 16509 (AMAZON-02)
2 52.71.31.245 14618 (AMAZON-AES)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.138.32.174 16509 (AMAZON-02)
1 54.230.228.100 16509 (AMAZON-02)
1 108.138.36.89 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 108.138.36.86 16509 (AMAZON-02)
2 2.19.217.101 16625 (AKAMAI-AS)
1 1 3.234.115.203 14618 (AMAZON-AES)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 18.173.187.36 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.231.201.129 16509 (AMAZON-02)
32 20
2    107.20.71.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-71-201.compute-1.amazonaws.com
nxslink.thehill.com
1    18.66.192.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-76.muc50.r.cloudfront.net
cdn.blueconic.net
1    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
segment.psg.nexstardigital.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.173.187.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-41.muc50.r.cloudfront.net
media.sailthru.com
2    52.71.31.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-31-245.compute-1.amazonaws.com
nexstar.blueconic.net
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.138.32.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-32-174.muc50.r.cloudfront.net
cdn.segment.com
1    54.230.228.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-100.muc50.r.cloudfront.net
ats.rlcdn.com
1    108.138.36.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-89.muc50.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    108.138.36.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-86.muc50.r.cloudfront.net
sb.scorecardresearch.com
2    2.19.217.101 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com
a.teads.tv
at.teads.tv
1    3.234.115.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-115-203.compute-1.amazonaws.com
cm2.lotlinx.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
9    18.173.187.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-36.muc50.r.cloudfront.net
blue.thehill.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.231.201.129 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
email-media.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
11 thehill.com
nxslink.thehill.com — Cisco Umbrella Rank: 414003
blue.thehill.com — Cisco Umbrella Rank: 52294
174 KB
3 blueconic.net
cdn.blueconic.net — Cisco Umbrella Rank: 14356
nexstar.blueconic.net — Cisco Umbrella Rank: 19346
52 KB
2 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1561
at.teads.tv — Cisco Umbrella Rank: 6185
4 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 191
3 KB
2 sailthru.com
media.sailthru.com — Cisco Umbrella Rank: 14171
41 KB
1 amazonaws.com
email-media.s3.amazonaws.com — Cisco Umbrella Rank: 166542
20 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 106495
371 B
1 google.com
ampcid.google.com — Cisco Umbrella Rank: 3199
442 B
1 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 272
409 B
1 lotlinx.com
cm2.lotlinx.com — Cisco Umbrella Rank: 22306
309 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1924
625 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 5585
37 KB
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1845
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
103 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
51 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 nexstardigital.net
segment.psg.nexstardigital.net — Cisco Umbrella Rank: 16106
80 KB
32 19
Domain Requested by
9 blue.thehill.com cdn.blueconic.net
2 sb.scorecardresearch.com nxslink.thehill.com
2 nexstar.blueconic.net cdn.blueconic.net
2 media.sailthru.com nxslink.thehill.com
2 nxslink.thehill.com 1 redirects
1 email-media.s3.amazonaws.com
1 fonts.gstatic.com fonts.googleapis.com
1 ampcid.google.de www.google-analytics.com
1 at.teads.tv a.teads.tv
1 ampcid.google.com www.google-analytics.com
1 cm.g.doubleclick.net nxslink.thehill.com
1 cm2.lotlinx.com 1 redirects
1 a.teads.tv www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 ats.rlcdn.com segment.psg.nexstardigital.net
1 cdn.segment.com segment.psg.nexstardigital.net
1 www.googletagmanager.com segment.psg.nexstardigital.net
1 pagead2.googlesyndication.com segment.psg.nexstardigital.net
1 fonts.googleapis.com nxslink.thehill.com
1 segment.psg.nexstardigital.net nxslink.thehill.com
1 cdn.blueconic.net nxslink.thehill.com
32 22

This site contains links to these domains. Also see Links.

Domain
thehill.com
cb.sailthru.com
www.nexstar.tv
Subject Issuer Validity Valid
nxslink.thehill.com
R3		 2024-04-26 -
2024-07-25		 3 months crt.sh
*.blueconic.net
Amazon RSA 2048 M02		 2024-05-08 -
2025-06-06		 a year crt.sh
*.psg.nexstardigital.net
R3		 2024-04-13 -
2024-07-12		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
media.sailthru.com
Amazon RSA 2048 M02		 2024-03-05 -
2025-04-02		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-06 -
2025-03-05		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
teads.tv
R3		 2024-04-12 -
2024-07-11		 3 months crt.sh
*.google.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
blue.cw7az.com
Amazon RSA 2048 M02		 2024-03-11 -
2025-04-09		 a year crt.sh
*.google.de
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Frame ID: 629DAE7430B8D0F8AE13B8FD012B599C
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Hill Preference Center

Page URL History Show full URLs

  1. https://nxslink.thehill.com/oc/6230d993b246d10495313c6dl46hs.nc0/d35efce8 HTTP 302
    https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

32
Requests

97 %
HTTPS

29 %
IPv6

19
Domains

22
Subdomains

20
IPs

3
Countries

605 kB
Transfer

1867 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nxslink.thehill.com/oc/6230d993b246d10495313c6dl46hs.nc0/d35efce8 HTTP 302
    https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://cm2.lotlinx.com/live/141000/sync?hms HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=OGIzYzU0YTkzZWI1NzQyMjM3NzJlOTdh&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request oc
nxslink.thehill.com/manage/7aa/
Redirect Chain
  • https://nxslink.thehill.com/oc/6230d993b246d10495313c6dl46hs.nc0/d35efce8
  • https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.71.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-71-201.compute-1.amazonaws.com
Software
Sailthru /
Resource Hash
0ff8ed9094a8c4dca8a23d1b6f9a8651a4338535f2170e881bbbeb5ab0bb6940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

connection
close
content-encoding
gzip
content-length
2362
content-type
text/html; charset=UTF-8
date
Wed, 22 May 2024 20:31:21 GMT
server
Sailthru
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
noindex
x-xss-protection
1; mode=block

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 22 May 2024 20:31:21 GMT
location
https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
server
Sailthru
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
x-xss-protection
1; mode=block
nexstar.js
cdn.blueconic.net/ 		163 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.blueconic.net/nexstar.js
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-76.muc50.r.cloudfront.net
Software
- /
Resource Hash
b0688d0087e14d9ee406feb8b371816c02cb8236392f7a6a82c5922e7405ff34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P1
age
392
x-cache
Hit from cloudfront
content-length
50805
x-xss-protection
1; mode=block
last-modified
Wed, 17 Apr 2024 08:02:31 GMT
server
-
etag
"28c18-6164646cfcbe8-gzip"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=600, s-maxage=500
accept-ranges
none
x-robots-tag
noindex, nofollow
x-amz-cf-id
pI7evWLV3jh8mzojCFKFMAQlHMj5Ceo0CNiYRhCaiWTQQt7KqTo4Aw==
sailthru.js
segment.psg.nexstardigital.net/ 		277 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://segment.psg.nexstardigital.net/sailthru.js
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
520d757a2713c70cc657391148a3dc1da39b1a438bab2cbdc9308b12d88bcf03
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
877EAJC4F1C3BY5X
age
51
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:564329123274:build/prod-frontend-segment:80431386-8d2f-48df-8379-6c202ac1ab49
x-cache
HIT
x-amz-meta-codebuild-content-md5
4d3242768671f023d5fec29b7dbd5d8e
content-length
80937
x-amz-id-2
G3GlnxaNeqXsSwPep1pZF/35lUfhnMTInSFx0FBF6rxfXNN3A459Lz7/FlljjUSagCzuShglIxM=
x-served-by
cache-fra-etou8220036-FRA
last-modified
Tue, 21 May 2024 20:27:46 GMT
server
AmazonS3
x-timer
S1716409882.086338,VS0,VE1
etag
"ab7ffd86727ede68598f7646910c127a"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
b15e67aefb33e8763f12d528f253c536760bd4d4d502cbf6900438fd40ec6183
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
1
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&family=Roboto&display=swap
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e40a3c08508d42f2c88bf91a619062de829c71d0c7f6e86530676646e9c2b21e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 May 2024 20:31:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 May 2024 20:31:22 GMT
thehill-logo-big.png
media.sailthru.com/composer/images/sailthru-prod-7aa/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-7aa/thehill-logo-big.png
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
278a455a25f94637eec7d83c9d561b24d9e0823eec7c4474c64781594f3d58ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 20:17:26 GMT
Via
1.1 c318f6c5edde4e7ab2b9ba2243b14b28.cloudfront.net (CloudFront)
Last-Modified
Fri, 08 Apr 2022 14:39:47 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P4
Age
837
ETag
"e5dcd074a537ef1213cd65cca4796edc"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2353
X-Amz-Cf-Id
2t6fyFxLn-73p9WNE3fOt67X6bLc_gE-sCIvOosO8aOgRhR_BJrj3g==
62321b69eb257.png
media.sailthru.com/7ab/1k6/3/g/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sailthru.com/7ab/1k6/3/g/62321b69eb257.png
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-41.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
792044e8e6c160845b17a4253e179901c034aab34d95b76ba8cc2306f1015e7a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 08:52:50 GMT
Via
1.1 99a7400285d83f528f50f54d665628e2.cloudfront.net (CloudFront)
Last-Modified
Wed, 16 Mar 2022 17:16:26 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P4
Age
47489
ETag
"a5e03e0c083fd0e180c3bc1e8e84122f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38304
X-Amz-Cf-Id
RVArcGF9eL1felE6vSJ5FRYJNwXNIjwvo6Kjtz-_8upKsjHGeO5Kaw==
cs
nexstar.blueconic.net/DG/DEFAULT/ 		16 B
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json193
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.71.31.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-31-245.compute-1.amazonaws.com
Software
- /
Resource Hash
6cb69308ca1845623fa7e671cb91a6847f3ca907a8bdf0550b8917e25c8347f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/sailthru.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f265a2489f5bd1ceaa291356ac11ac2fb8a7dd834c4224580222bc26e1079c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51970
x-xss-protection
0
server
cafe
etag
12973304872689301150
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 22 May 2024 20:31:22 GMT
gtm.js
www.googletagmanager.com/ 		370 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJJZHXD
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/sailthru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2bb8133e2ac2a6977c3f7312c5c37cfae7d55739da60def4ce31774725b31a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105517
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 May 2024 20:31:22 GMT
settings
cdn.segment.com/v1/projects/7pQqdpSKE8rc12w83fBiAoQVD4llInQJ/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/7pQqdpSKE8rc12w83fBiAoQVD4llInQJ/settings
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/sailthru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.32.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-32-174.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e8435ec0fdde63431cd878c503652d9d266c6db1151a10f7aee570de294a441

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
12cp5xy8XxLIymNRkqmx2.hgcjr0jsMh
content-encoding
br
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 20:31:22 GMT
x-amz-cf-pop
MUC50-P2
age
10524
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 25 Apr 2024 17:24:51 GMT
server
AmazonS3
etag
W/"1c9c47281562cf7b5bc1e21b77e9b642"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
EBnAsT0jBgw3F-0Gz9hx6Y7aykkZfdMKUDHomNDvuNvRUG197umPiw==
ats.js
ats.rlcdn.com/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: segment.psg.nexstardigital.net
URL: https://segment.psg.nexstardigital.net/sailthru.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-100.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
F5G4x7igSyEInzmeTLVI9fM7V7EmySpG
content-encoding
gzip
via
1.1 b10eef4dff0375003ae9795596a9615c.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 04:04:08 GMT
last-modified
Wed, 13 Mar 2024 08:09:48 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
59235
x-amz-server-side-encryption
AES256
etag
W/"b248cc9d0fdeb36bdeb7efabad1132ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
oPuG901_ijS-9jKxETEQvSVdwQX2zR6qkqvtba3iikEox1qjiq4EPg==
/
geo.privacymanager.io/ 		28 B
625 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-89.muc50.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 02:32:30 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront), 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MUC50-P2
age
64732
x-amzn-trace-id
Root=1-664d593e-573beb0e741b165a73b08569;Parent=6c3d9b2c34d21b4e;Sampled=0;lineage=06620786:0
x-amzn-requestid
3aff1531-aa24-4faf-9512-5b065b574fe1
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
YJrhwFTijoEELSQ=
content-length
28
x-amz-cf-id
URoGC5kbzjboq2rhleXSvIU1IuCt4b0Ns2LAMc7_KdHYoDlLlTbAnQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJJZHXD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 May 2024 20:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
134
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 22 May 2024 22:29:08 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-86.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 00:39:22 GMT
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
last-modified
Fri, 03 May 2024 13:20:45 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
71553
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
_CODGiJDJ0PT7nbNu5gRuUX-tLu0T6vkmFTEWjvhEg_DFvvMpTyKfA==
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJJZHXD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
br
last-modified
Wed, 28 Feb 2024 14:26:38 GMT
x-amz-request-id
HGBZJM9R3P9F2FZS
etag
"d86492df4bad2a485597bfa437c78ad2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3393
x-amz-id-2
RfKQPGsIOfNW0/HBqoM2w7i3CPVvrnCnUONTJFAVH00Ucl2NzMAqWeTH37dXsXdrbwJD0WJZqrg=
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://cm2.lotlinx.com/live/141000/sync?hms
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=OGIzYzU0YTkzZWI1NzQyMjM3NzJlOTdh&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=OGIzYzU0YTkzZWI1NzQyMjM3NzJlOTdh&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://nxslink.thehill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 May 2024 20:31:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=lemonfree&google_hm=OGIzYzU0YTkzZWI1NzQyMjM3NzJlOTdh&google_ula=500446778&google_redir=https%3A%2F%2Fcm.lotlinx.com%2Flive%2F141000%2Fendsync
date
Wed, 22 May 2024 20:31:22 GMT
content-length
0
publisher:getClientId
ampcid.google.com/v1/ 		74 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nxslink.thehill.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036439&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1716409882405&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&c8=The%20Hill%20Preference%20Center&c9=
Requested by
Host: nxslink.thehill.com
URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-86.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
NU6V9BJib4wNu2P5Z0cQmicAhRWM_9hT7GPbvzuE5sOGVmz6uiuHbA==
x-cache
Miss from cloudfront
192
blue.thehill.com/DG/DEFAULT/rest/rpc/ 		113 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=&bctempid=&overruleReferrer=&time=2024-05-22T22%3A31%3A22%2B02%3A00&ts=1716409882433
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
6653b3d98acd7ab830b38951155d33d9eaf4f07286a333e69a342ab10d00247c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
16449
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
4vQxaqZyqXUCwPQYtWienMCDp-Qon7KdKYYsedd8MUrBxERRjdssmg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
fpc
at.teads.tv/ 		0
187 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_21595&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=90769f5&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-101.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 22 May 2024 20:31:22 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Wed, 22 May 2024 20:31:22 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nxslink.thehill.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
dc81743d452bd64ea295851cb1cc09a4
blue.thehill.com/plugin/plugin/ 		167 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/plugin/plugin/dc81743d452bd64ea295851cb1cc09a4
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
3ff77173faa08e27210d18fcec1f06df48ff19ce8d5411a40a35bb2563096eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 07:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
age
653276
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
38599
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 07:03:26 GMT
server
-
etag
dc81743d452bd64ea295851cb1cc09a4
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
Lhf_IHe83CHnyeHtMLSoDBSjPs2-1M-H4U7Rb-eyYbjOhofCkifTag==
expires
Thu, 15 May 2025 07:03:26 GMT
76b9e8efcb571f19aa63cde7f3c8d1a4
blue.thehill.com/plugin/library/ 		337 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/plugin/library/76b9e8efcb571f19aa63cde7f3c8d1a4
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
bc3f35e661ad741e510b4b24181e0b2c773607ba5b85de2173f3b78993525be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 07:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
age
653276
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
106140
x-xss-protection
1; mode=block
last-modified
Tue, 14 May 2024 07:03:26 GMT
server
-
etag
76b9e8efcb571f19aa63cde7f3c8d1a4
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
0UvY5qEacLu9RKFpmhZjsgfNm9KJiLiOMLspkmwmGNqzenLvg_6pBw==
expires
Thu, 15 May 2025 07:03:26 GMT
LB-Zone-3
blue.thehill.com/DG/DEFAULT/rest/rpc/192/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192/LB-Zone-3?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=&bctempid=145aca00-500e-4cc0-8576-7168a98dc420&overruleReferrer=&time=2024-05-22T22%3A31%3A23%2B02%3A00&ts=1716409883002
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
1e03f95dfee1d4a0de7c7af30cfc4be759a84fb059d39c381ffad47db22a5996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1399
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
LBhr4uXzT5GaZME-Hp4qjGl1koXhogosxcWwJv6Mp4aLnbKnkvsI_A==
expires
Thu, 01 Jan 1970 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://nxslink.thehill.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 21:15:07 GMT
x-content-type-options
nosniff
age
83776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 21:15:07 GMT
sailthru_icons_product_Full%20Control.png
email-media.s3.amazonaws.com/Sailthru/default/images/ 		20 KB
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://email-media.s3.amazonaws.com/Sailthru/default/images/sailthru_icons_product_Full%20Control.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.201.129 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a4ba641877dc74a91c98db4f3e83410982681ed21cc77826433d3c2b455719e6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 20:31:24 GMT
Last-Modified
Tue, 25 Oct 2016 16:03:32 GMT
Server
AmazonS3
x-amz-request-id
YABMT0Q5BX7MG6Y2
ETag
"c8d07d1102f3af35beec41e3c11e3ce2"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
19999
x-amz-id-2
JvHf8JsxpLsAM16eBp4P3gVsHJpbK66+XhQOqTxslt23chzcnkL5xx1W4YK5XDG7fQDkb4LtE3g=
192
blue.thehill.com/DG/DEFAULT/rest/rpc/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=145aca00-500e-4cc0-8576-7168a98dc420&bctempid=&overruleReferrer=&time=2024-05-22T22%3A31%3A23%2B02%3A00&ts=1716409883320
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
30a97ed6233df5ae4dd7aaa690e49d92af6c997f543db5b446fce8a238ccd219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
3055
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
o4NEgCKQVIhwWiLmo7ZTs49axP-pDIYioE_YEZ6jWwXw1cmMAcenmw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
192
blue.thehill.com/DG/DEFAULT/rest/rpc/ 		553 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=145aca00-500e-4cc0-8576-7168a98dc420&bctempid=&overruleReferrer=&time=2024-05-22T22%3A31%3A23%2B02%3A00&ts=1716409883329
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
83f4eefa184dfe58d787a20473472f1a2aaa58eeba65646131b7ec9d812bacfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
177
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
dHhas1c78Q2nzGStxCmYhQHW8KKEmYDLEFqw0sT7fm7qdftqdTRHiw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
192
blue.thehill.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=145aca00-500e-4cc0-8576-7168a98dc420&bctempid=&overruleReferrer=&time=2024-05-22T22%3A31%3A23%2B02%3A00&ts=1716409883329
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
45c328962be9d6e175bb7824efe0cd98d3c16f31308775e206eed274f6828816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
166
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
gUF7TMqd_pBMalAc8w1XYQA4BNmUivamin82DYrjpRIaHrE1GR0xuw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
192
blue.thehill.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=145aca00-500e-4cc0-8576-7168a98dc420&bctempid=&overruleReferrer=&time=2024-05-22T22%3A31%3A23%2B02%3A00&ts=1716409883331
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
58ae438764d036ae7089097bde55ea113c8563a6819233b6653dcc22a89a3c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
6l0NhWod4jD_iKsettcdhdgJ7pmYctgfrXgEJY1BMJ65LNtQF7MIEw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
nexstar.blueconic.net/DG/DEFAULT/ 		66 B
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=145aca00-500e-4cc0-8576-7168a98dc420&&callback=bc_json194
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.71.31.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-31-245.compute-1.amazonaws.com
Software
- /
Resource Hash
d73438e787b8b69faead723f58d19a68f78b00d9713452ec4a039677a4a34e5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
192
blue.thehill.com/DG/DEFAULT/rest/rpc/ 		185 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://blue.thehill.com/DG/DEFAULT/rest/rpc/192?referer=https%3A%2F%2Fnxslink.thehill.com%2Fmanage%2F7aa%2Foc%3Fmessage_id%3D35466976.00030240%26hash%3Dd35efce8&bcsessionid=145aca00-500e-4cc0-8576-7168a98dc420&bctempid=&overruleReferrer=&time=2024-05-22T22%3A31%3A23%2B02%3A00&ts=1716409883332
Requested by
Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/nexstar.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-36.muc50.r.cloudfront.net
Software
- /
Resource Hash
1922e3048a2ba8e6dd25a1a4505f9bf5641fe7aba88aacde68e2dec3e082ca4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://nxslink.thehill.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 May 2024 20:31:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 25a522e44c88aba621285693935f1eaa.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
165
x-xss-protection
1; mode=block
pragma
no-cache
server
-
accept-ch
sec-ch-ua-platform-version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nxslink.thehill.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
JBbFc0ySiPp1h5vnmMVSK7FbwRE0v0okn9XX2qDhZ1bYUtyjLD0paA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| blueConicPreListeners function| BCClass object| blueConicClient object| regeneratorRuntime object| __SEGMENT_INSPECTOR__ object| adobeDataLayer object| NXSTdata string| site_code object| dataLayer object| analytics function| clearImmediate function| setImmediate object| ats object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| hm undefined| ccValue string| GoogleAnalyticsObject function| ga object| csData string| cfr object| _comscore object| el object| teads_analytics object| hLinks object| gaplugins object| COMSCORE object| ns_p object| bc_json193 object| gaGlobal object| gaData function| $ object| _bcp function| BlueConicEngagement function| RuleService function| FormRuleService object| justDetectAdblock object| bcConnectionUtil function| BlueConicDataLayerUtility function| md5 function| BlueConicMetaDataService string| _contentURL string| _title object| evaluatedNLP object| bc_json194

14 Cookies

Domain/Path Name / Value
blue.thehill.com/DG/DEFAULT Name: BCSessionID
Value: 145aca00-500e-4cc0-8576-7168a98dc420
nexstar.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 145aca00-500e-4cc0-8576-7168a98dc420
.thehill.com/ Name: sailthru_hid
Value: bfb9b2d66258cfaf347419210ffd395a6230d993b246d10495313c6d73798d9e452919411184b74c0afaf585
.thehill.com/ Name: sailthru_bid
Value: 35466976.00030240
nxslink.thehill.com/ Name: last_visit_bc
Value: 1716409882116
.thehill.com/ Name: seg_sessionid
Value: 65237df2-b03c-43c6-8469-5cbb201a8628
nxslink.thehill.com/ Name: _lr_geo_location
Value: DE
.thehill.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.thehill.com/ Name: _ga
Value: GA1.2.1211120173.1716409883
.thehill.com/ Name: _gid
Value: GA1.2.743593706.1716409883
nxslink.thehill.com/ Name: BCSessionID
Value: 145aca00-500e-4cc0-8576-7168a98dc420
nexstar.blueconic.net/ Name: AWSALBCORS
Value: tSBbaiokKmDlqFSbD6cSZ2h5/IlKV+UeVx2JWVJmSOrGsCSEkdPqw/5a9I5PnWwgUBV+rKGd8HqZSgFEgyqNCpDue+0vItK7D3vf4gXd5Nqsx0MzniTuC25cqt59
blue.thehill.com/ Name: AWSALB
Value: EL4PeR0pkPVhjJYKtQghBrI13TEehhfbfumSmrf+ozwdtpT1MIXn7N2uadSlal32ks3OTr9oLTiqRSRTXhd+Gm69CizGdPpQ4Lcsw+OcDfpRQ4Bh2CfukrxTcwMn
blue.thehill.com/ Name: AWSALBCORS
Value: EL4PeR0pkPVhjJYKtQghBrI13TEehhfbfumSmrf+ozwdtpT1MIXn7N2uadSlal32ks3OTr9oLTiqRSRTXhd+Gm69CizGdPpQ4Lcsw+OcDfpRQ4Bh2CfukrxTcwMn

4 Console Messages

Source Level URL
Text
other warning URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://nxslink.thehill.com/manage/7aa/oc?message_id=35466976.00030240&hash=d35efce8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ampcid.google.com
ampcid.google.de
at.teads.tv
ats.rlcdn.com
blue.thehill.com
cdn.blueconic.net
cdn.segment.com
cm.g.doubleclick.net
cm2.lotlinx.com
email-media.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
media.sailthru.com
nexstar.blueconic.net
nxslink.thehill.com
pagead2.googlesyndication.com
sb.scorecardresearch.com
segment.psg.nexstardigital.net
www.google-analytics.com
www.googletagmanager.com
107.20.71.201
108.138.32.174
108.138.36.86
108.138.36.89
142.250.184.226
151.101.2.133
172.217.23.98
18.173.187.36
18.173.187.41
18.66.192.76
2.19.217.101
2a00:1450:4001:803::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
3.234.115.203
52.71.31.245
54.230.228.100
54.231.201.129
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ff8ed9094a8c4dca8a23d1b6f9a8651a4338535f2170e881bbbeb5ab0bb6940
1922e3048a2ba8e6dd25a1a4505f9bf5641fe7aba88aacde68e2dec3e082ca4c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e03f95dfee1d4a0de7c7af30cfc4be759a84fb059d39c381ffad47db22a5996
278a455a25f94637eec7d83c9d561b24d9e0823eec7c4474c64781594f3d58ab
30a97ed6233df5ae4dd7aaa690e49d92af6c997f543db5b446fce8a238ccd219
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3ff77173faa08e27210d18fcec1f06df48ff19ce8d5411a40a35bb2563096eca
45c328962be9d6e175bb7824efe0cd98d3c16f31308775e206eed274f6828816
520d757a2713c70cc657391148a3dc1da39b1a438bab2cbdc9308b12d88bcf03
58ae438764d036ae7089097bde55ea113c8563a6819233b6653dcc22a89a3c87
6653b3d98acd7ab830b38951155d33d9eaf4f07286a333e69a342ab10d00247c
6cb69308ca1845623fa7e671cb91a6847f3ca907a8bdf0550b8917e25c8347f9
6e8435ec0fdde63431cd878c503652d9d266c6db1151a10f7aee570de294a441
792044e8e6c160845b17a4253e179901c034aab34d95b76ba8cc2306f1015e7a
83f4eefa184dfe58d787a20473472f1a2aaa58eeba65646131b7ec9d812bacfb
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a4ba641877dc74a91c98db4f3e83410982681ed21cc77826433d3c2b455719e6
b0688d0087e14d9ee406feb8b371816c02cb8236392f7a6a82c5922e7405ff34
bc3f35e661ad741e510b4b24181e0b2c773607ba5b85de2173f3b78993525be7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d73438e787b8b69faead723f58d19a68f78b00d9713452ec4a039677a4a34e5b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2bb8133e2ac2a6977c3f7312c5c37cfae7d55739da60def4ce31774725b31a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40a3c08508d42f2c88bf91a619062de829c71d0c7f6e86530676646e9c2b21e
f265a2489f5bd1ceaa291356ac11ac2fb8a7dd834c4224580222bc26e1079c59
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615