URL: https://user.subsystemsselv.tk/
Submission: On April 06 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 40 IPs in 7 countries across 28 domains to perform 186 HTTP transactions. The main IP is 23.227.196.57, located in Chicago, United States and belongs to HVC-AS, US. The main domain is user.subsystemsselv.tk.
TLS certificate: Issued by R3 on April 6th 2023. Valid for: 3 months.
This is the only time user.subsystemsselv.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 23.227.196.57 29802 (HVC-AS)
2 2.18.232.60 16625 (AKAMAI-AS)
57 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 33 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
17 151.101.1.44 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 151.101.193.44 54113 (FASTLY)
2 13.32.121.37 16509 (AMAZON-02)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
4 141.226.228.48 200478 (TABOOLA-AS)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 2a00:1450:400... 15169 (GOOGLE)
3 3.33.220.150 16509 (AMAZON-02)
2 2a05:d018:d29... 16509 (AMAZON-02)
4 2.19.229.113 16625 (AKAMAI-AS)
3 108.138.1.25 16509 (AMAZON-02)
1 52.23.30.202 14618 (AMAZON-AES)
4 104.109.78.125 16625 (AKAMAI-AS)
2 52.210.113.137 16509 (AMAZON-02)
1 4 69.173.144.138 26667 (RUBICONPR...)
2 2600:9000:215... 16509 (AMAZON-02)
1 8.43.72.98 26667 (RUBICONPR...)
3 4 142.250.185.66 15169 (GOOGLE)
3 69.173.144.139 26667 (RUBICONPR...)
1 1 172.104.121.22 63949 (AKAMAI-AP...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 18.196.240.245 16509 (AMAZON-02)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 23.56.202.187 16625 (AKAMAI-AS)
1 108.138.4.150 16509 (AMAZON-02)
2 54.84.240.172 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
1 141.226.230.50 200478 (TABOOLA-AS)
1 2a00:1450:400... ()
5 2a00:1450:400... ()
1 2a00:1450:400... ()
5 2a00:1450:400... ()
2 2a00:1450:400... ()
2 52.50.253.161 ()
186 40
Apex Domain
Subdomains
Transfer
58 nbcnews.com
nodeassets.nbcnews.com — Cisco Umbrella Rank: 12212
www.nbcnews.com — Cisco Umbrella Rank: 12297
1 MB
33 s-nbcnews.com
media-cldnry.s-nbcnews.com — Cisco Umbrella Rank: 10832
media2.s-nbcnews.com — Cisco Umbrella Rank: 71354
305 KB
23 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 958
trc.taboola.com — Cisco Umbrella Rank: 682
vidstat.taboola.com — Cisco Umbrella Rank: 2801
am-trc-events.taboola.com — Cisco Umbrella Rank: 13974
imprammp.taboola.com — Cisco Umbrella Rank: 13160
am-match.taboola.com — Cisco Umbrella Rank: 12965
am-vid-events.taboola.com — Cisco Umbrella Rank: 12324
pips.taboola.com — Cisco Umbrella Rank: 1606
cds.taboola.com — Cisco Umbrella Rank: 1863
306 KB
13 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 577
token.rubiconproject.com — Cisco Umbrella Rank: 574
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1074
pixel.rubiconproject.com — Cisco Umbrella Rank: 340
micro.rubiconproject.com — Cisco Umbrella Rank: 3210
70 KB
12 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201
cm.g.doubleclick.net — Cisco Umbrella Rank: 228
164 KB
10 googlesyndication.com
pagead2.googlesyndication.com
e816958f4563d945ce24f89243701fda.safeframe.googlesyndication.com
tpc.googlesyndication.com
52 KB
5 nbcuni.com
mps.nbcuni.com — Cisco Umbrella Rank: 10379
video-ads-module.ad-tech.nbcuni.com — Cisco Umbrella Rank: 18149
mt.ssai-oneapp.nbcuni.com — Cisco Umbrella Rank: 48487
82 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 309
aax.amazon-adsystem.com — Cisco Umbrella Rank: 412
59 KB
4 moatads.com
z.moatads.com — Cisco Umbrella Rank: 483
mb.moatads.com — Cisco Umbrella Rank: 767
geo.moatads.com
195 KB
3 google.com
adservice.google.com
www.google.com
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 368
793 B
3 subsystemsselv.tk
user.subsystemsselv.tk
1 MB
2 moatpixel.com
nbcudisplay.s.moatpixel.com
520 B
2 krxd.net
beacon.krxd.net
792 B
2 amazonaws.com
91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com — Cisco Umbrella Rank: 57714
3 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
851 B
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
3 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3505
26 KB
1 googletagservices.com
www.googletagservices.com
49 KB
1 google.de
adservice.google.de
531 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 507
688 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 323
146 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1912
173 B
1 appier.net
rcp.c.appier.net — Cisco Umbrella Rank: 4148
369 B
1 admantx.com
usasync01.admantx.com — Cisco Umbrella Rank: 10593
209 B
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
303 B
1 akamaized.net
sprtsecureassets.akamaized.net — Cisco Umbrella Rank: 69094
297 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 452
196 KB
186 28
Domain Requested by
57 nodeassets.nbcnews.com user.subsystemsselv.tk
nodeassets.nbcnews.com
32 media-cldnry.s-nbcnews.com user.subsystemsselv.tk
11 cdn.taboola.com nodeassets.nbcnews.com
cdn.taboola.com
user.subsystemsselv.tk
8 securepubads.g.doubleclick.net mps.nbcuni.com
securepubads.g.doubleclick.net
user.subsystemsselv.tk
www.googletagservices.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 cm.g.doubleclick.net 3 redirects eus.rubiconproject.com
4 token.rubiconproject.com 1 redirects eus.rubiconproject.com
4 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
4 trc.taboola.com cdn.taboola.com
3 pixel.rubiconproject.com eus.rubiconproject.com
3 c.amazon-adsystem.com mps.nbcuni.com
c.amazon-adsystem.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
3 user.subsystemsselv.tk nodeassets.nbcnews.com
2 nbcudisplay.s.moatpixel.com
2 beacon.krxd.net
2 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com user.subsystemsselv.tk
2 mt.ssai-oneapp.nbcuni.com user.subsystemsselv.tk
2 z.moatads.com mps.nbcuni.com
securepubads.g.doubleclick.net
2 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
2 am-trc-events.taboola.com user.subsystemsselv.tk
2 sb.scorecardresearch.com cdn.taboola.com
user.subsystemsselv.tk
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 mps.nbcuni.com mps.nbcuni.com
1 geo.moatads.com z.moatads.com
1 www.googletagservices.com securepubads.g.doubleclick.net
1 e816958f4563d945ce24f89243701fda.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 micro.rubiconproject.com mps.nbcuni.com
1 sync.mathtag.com 1 redirects
1 x.bidswitch.net eus.rubiconproject.com
1 tr.blismedia.com eus.rubiconproject.com
1 rcp.c.appier.net 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 mb.moatads.com z.moatads.com
1 usasync01.admantx.com mps.nbcuni.com
1 am-vid-events.taboola.com user.subsystemsselv.tk
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 video-ads-module.ad-tech.nbcuni.com user.subsystemsselv.tk
1 vidstat.taboola.com cdn.taboola.com
1 gum.criteo.com cdn.taboola.com
1 www.nbcnews.com nodeassets.nbcnews.com
1 sprtsecureassets.akamaized.net user.subsystemsselv.tk
1 assets.adobedtm.com user.subsystemsselv.tk
1 media2.s-nbcnews.com 1 redirects
186 51
Subject Issuer Validity Valid
user.subsystemsselv.tk
R3
2023-04-06 -
2023-07-05
3 months crt.sh
*.nbcuni.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-31 -
2024-01-03
a year crt.sh
*.nbcnews.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-10
a year crt.sh
*.s-nbcnews.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-14 -
2023-12-14
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2022-06-28 -
2023-06-30
a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3
2022-09-27 -
2023-10-29
a year crt.sh
*.scorecardresearch.com
Amazon RSA 2048 M02
2023-03-01 -
2024-01-28
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-09 -
2023-06-03
3 months crt.sh
ad-tech.nbcuni.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-20 -
2024-02-20
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-03-20 -
2023-06-12
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-11-08 -
2023-05-03
6 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
*.admantx.com
SSL.com RSA SSL subCA
2022-05-24 -
2023-04-26
a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-05
a year crt.sh
mt.ssai-oneapp.nbcuni.com
Entrust Certification Authority - L1K
2022-04-21 -
2023-04-21
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-02-12 -
2023-05-13
3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-05 -
2023-05-04
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon
2022-06-15 -
2023-06-15
a year crt.sh
mediatailor.us-east-1.amazonaws.com
Amazon RSA 2048 M02
2023-03-01 -
2023-08-26
6 months crt.sh
*.google.de
GTS CA 1C3
2023-03-20 -
2023-06-12
3 months crt.sh
*.google.com
GTS CA 1C3
2023-03-20 -
2023-06-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-03-20 -
2023-06-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-03-20 -
2023-06-12
3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-27 -
2024-02-26
a year crt.sh

This page contains 10 frames:

Primary Page: https://user.subsystemsselv.tk/
Frame ID: 4FA5EFD7AAE1BF29E4F8751C44864533
Requests: 146 HTTP requests in this frame

Frame: https://user.subsystemsselv.tk/sigma.html?stream=NEWS_NOW&mvpdHash=&mpid=9f67abda-d9a0-467e-a01a-40d5a9ad388f&timestamp=1680754310907&usPrivacy=1---&autoplay=true&mutedAutoplay=true&token_Widevine=fbd7a5ec8946dcbd280c6adc7cd2d9edad415035b228ed405061e66a85af671c&token_Fairplay=334124df071ecd2d04d604ec8f5b85661671be6dfc4ca12ef484591fc1e54428&token_PlayReady=6e2ba810f3edc5d8f79b9334a8479c6c80777124bd8f232ff8d624bbdb17a08b&initialWidth=260&childId=core-video&parentTitle=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&parentUrl=https%3A%2F%2Fuser.subsystemsselv.tk%2F
Frame ID: BF3A458F1F7F2EE28577278FE40D52A3
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&cmcv=&pix=undefined&cb=1680754385772&uv=3265&tms=1680754385772&abt=nonrv_vA!rv0lcr_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7c9caefb-106c-4578-9b6e-aa06f88b31e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 06CCBF6473B4AE822E36B3CF34E3DCE4
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 78D7E4345D94278AB324701DE146348C
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 3D342AFB1B902EF708606116D8D239E4
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F0A990BB650EFCB9AEB66541F372882A
Requests: 3 HTTP requests in this frame

Frame: https://e816958f4563d945ce24f89243701fda.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 225D1B4297863A109ECB77131B220C9D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoXiyBDGteNfsLAUs0ro_z_aKBf7g0CLL7pOqCvgW2ILxuSmd0JDyDQCDvA10Hp140xG2MxorEPPjb-e5JQNknRw2GwbGaDfa2WBLIpXaSL7QxZfkr2z1kQ4v2MNMcHlL9WE37b6L6D9Jo6KZSVRjzlJ1fXdppkyJOVJGIhc9yRYxjpt1aX4nN_R1Rdz7Fj47ynDf6svRVdnYQxIz1XhPkk8ULlPqz72x4uXOdur7b5m_6tVs6FVYaXVuXpgcJPc7sIuXye7Z7ppEr6_nF_pNvjz81NrobcHxEbLwBXITmPO5AFZA2szEWiXkb9R-vXkO5e8o0xUNp&sai=AMfl-YQJznBvX3lIcCtHDSWtyORFJmIdxRzP1qxHwPvuSfQ2lYsATC_EIDZIvUlLtcEEV81fHIP-9D3kCMIjtGSrr2ue9F4aLeVK-GpbS7VROIDNnKQdSSf9SgiAtnNsgg&sig=Cg0ArKJSzHLZO9recAUSEAE&uach_m=[UACH]&adurl=
Frame ID: 3066CF0322549A54E0A928D77CC17AF1
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A894355384B76238B14FA2E0FC2AC94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E23C6C84671078093394557BB771395D
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

NBC News - Breaking News & Top Stories - Latest World, US & Local News | NBC NewsNBC News LogoWatch NowSearchSearchNBC News LogoMSNBC LogoToday Logo

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

186
Requests

97 %
HTTPS

39 %
IPv6

28
Domains

51
Subdomains

40
IPs

7
Countries

4332 kB
Transfer

16401 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://media2.s-nbcnews.com/i/newscms/2021_40/3510526/select-logo_e3a5a3fe1cc23c7b985fb99495737521.svg HTTP 301
  • https://media-cldnry.s-nbcnews.com/image/upload/newscms/2021_40/3510526/select-logo.svg
Request Chain 142
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMlD58TEuGchQm-Em0AxXKE&google_cver=1
Request Chain 144
  • https://rcp.c.appier.net/rbcm?gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=m5s5q4OODv-RZosJ00YuZA&expires=365
Request Chain 147
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7019642e-46d2-4c00-adf8-e6917314bee1&gdpr=1&gdpr_consent=

186 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
user.subsystemsselv.tk/
883 KB
83 KB
Document
General
Full URL
https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.227.196.57 Chicago, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-227-196-57.static.hvvc.us
Software
nginx/1.22.1 / Next.js
Resource Hash
e06a2a40ec1f9613831c608ad26f5102012533bf5e49d04343bb7c160569aa5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-language
en
content-length
83895
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Thu, 06 Apr 2023 04:13:03 GMT
etag
"dcbbd-yU+T1OC/MdMcZ29MDWWLBX465zc"
link
<https://nodeassets.nbcnews.com>; rel=preconnect, <https://media-cldnry.s-nbcnews.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq>; as=script; rel=preload
server
nginx/1.22.1
strict-transport-security
max-age=2628000 ; preload
x-backend-server
green-ramen2-55c5f5444-qd59c
x-frame-options
SAMEORIGIN
x-powered-by
Next.js
load-nbcnews-bento.js
mps.nbcuni.com/fetch/ext/
286 KB
68 KB
Script
General
Full URL
https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash
88b4d4627e1e206d18640d49737db3589b7a76c88bc34f671842f685a618492e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Apr 2023 04:13:03 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
68719
Expires
Thu, 06 Apr 2023 04:13:03 GMT
5e6338253b85b3b6.css
nodeassets.nbcnews.com/_next/static/css/
94 KB
15 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/5e6338253b85b3b6.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5105460205f338247b81e410f884c8bd5e7291b11d2baeff44c84ef1916aced
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
g2K2w.xq_ZUAJR1WQEYnM1kjVHDRs_ze
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
S9HN72B7N481RXC6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943519_46_8022_6_0";dur=1
content-length
14614
x-amz-id-2
Cpd89oTJ//dyxQR0Ibmvd09/YCBPuY1KRcqoW40a8AKHHsuJknkP2yhVcTVSNefDnSSXZbYByQg=
last-modified
Tue, 04 Apr 2023 23:34:14 GMT
server
AmazonS3
etag
"ed120a9caa9b9c36eca2775e84223553"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
fontface.css
nodeassets.nbcnews.com/assets/fonts/shared/
4 KB
1 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
77014622bb2b3b959cef95b4e87520f3422d0344a366b0820580b9f9201d5b7f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
rJ0HSxqkRVpZ0gf5u3RFI_ZcC7nBQXU1
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PS32QV1SHM3TWDXE
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="466876_389993759_14943520_350_8287_6_0";dur=1
content-length
686
x-amz-id-2
auH73+tsiySdeD4KPlygvAoRwGUjKmgYIylEB2X08yWG9A9ozyyFCOps8fwriEdYPuze/XHe1zQ=
last-modified
Thu, 11 Jul 2019 19:07:39 GMT
server
AmazonS3
etag
"2b115064a98912d96b0f2df36459659e"
content-type
text/css
cache-control
private, max-age=900
accept-ranges
bytes
expires
Thu, 06 Apr 2023 04:28:03 GMT
header.css
nodeassets.nbcnews.com/assets/header-footer/1.118.0/news/
42 KB
7 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/assets/header-footer/1.118.0/news/header.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b37bb3cd2a4abcd5d1c1ef8ad3d4749581fb0fc228496fd88a76066b9fb20a6d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
rd5qeECBXFQvFfwmtEp6MFD_u1NmnW9J
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
XW36NADQ9Y35KF48
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943521_30_8147_6_0";dur=1
content-length
6866
x-amz-id-2
s2b8EaTUn3yaDOD/kSPALARF1yPGvKpW7hDSGiSuChGeuKxMQEKPo5jKik1yik2f+GD2jFu9YQs=
last-modified
Thu, 30 Mar 2023 16:30:41 GMT
server
AmazonS3
etag
"cda0861995b1e524cb9ab6dbbf8ed0f7"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
footer.css
nodeassets.nbcnews.com/assets/header-footer/1.118.0/news/
5 KB
2 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/assets/header-footer/1.118.0/news/footer.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34f3f7e5ba0f8c1d2b96bcc79567da5ac6f17ca2165f20d57f9d642ea84580a3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
LzY5J7o3k_cH6eo7LpqEhtRoqy397QJH
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
XW35RXCXSPV428R0
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943522_29_8060_6_0";dur=1
content-length
1267
x-amz-id-2
q7QGUVDJoyqQheNSDwHkD/cM2tpPs7DFJYfAeEZACD3gsjhnG4uih1VWtUuU6m55hZh6vCWuGvk=
last-modified
Thu, 30 Mar 2023 16:30:41 GMT
server
AmazonS3
etag
"6f341ab6d3eddefe1b58c8d70fcca57d"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
2afde57d97ac53d8.css
nodeassets.nbcnews.com/_next/static/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/2afde57d97ac53d8.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6117243f9087c22d2c899efffab51d219f0053892e68ce513fe23709219a453a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
9a3xhy3dggxBT_t8AW7dUtT9l615Xbrr
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
XKC3F02P9P0RJ85R
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943523_30_8047_6_0";dur=1
content-length
1434
x-amz-id-2
DztpUXLuITiXdypYGl7FVCPnqnisVwyCXwMXN4no1IeLKiGwMlABJxDV+tucHAqDxQQzAd7ot4k=
last-modified
Wed, 05 Apr 2023 21:51:35 GMT
server
AmazonS3
etag
"bff642754a0fe7d3662d6df623268ff0"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
84c797dc0f35ae7e.css
nodeassets.nbcnews.com/_next/static/css/
120 KB
13 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/84c797dc0f35ae7e.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7ff30dfd7ff14ed5455cf5fbbaa0fb11e1292e31c089ce08571fba4eff88d92
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
OQWtKDWFTLrxKJ73SLyBkdQAV2YPBAjW
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
M3K04KV7MSKTJG72
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943524_29_8060_6_0";dur=1
content-length
12357
x-amz-id-2
O1uYM9gaeCtm4oE2pZl15/FEv67qoFIBu1bsC/dr3nWQEVEXH1Kz/ZKJDN7qftahtT129dqfy6g=
last-modified
Wed, 05 Apr 2023 17:48:44 GMT
server
AmazonS3
etag
"f89fd1625db5489c6adc0bed12a4eb9c"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
f3fd546a0940d69e.css
nodeassets.nbcnews.com/_next/static/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/f3fd546a0940d69e.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63b942203ce4b9f671cb68baa488da2fb141cb386c84d07f279ed5884a39a26a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
Or05Y.gcrZa84.H.Ap30nEgZqf3mNdRW
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
MPXKWG79J66K1PPV
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943530_25_7727_6_0";dur=1
content-length
3378
x-amz-id-2
mWZulgJh1TROIKHcaBtysnNSJn2WtwW1Rx3RwXM1/ImvKN4fg/HbxM+ekHTN/DSKuOzrFXtP/T8=
last-modified
Tue, 04 Apr 2023 23:34:15 GMT
server
AmazonS3
etag
"693b7806d33ac5b1ea4cdc7f6e0e1b42"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
706e77e879e62f75.css
nodeassets.nbcnews.com/_next/static/css/
68 KB
11 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/706e77e879e62f75.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35e2a95e2c301688891166f8ee17a37c5d5e512b907890c6493221882e96a8ed
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TyH7ydGMfBLbDE2hZIfDZOEVRndtWM_P
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EN7T8Z91R87ES1NZ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943525_31_8041_6_0";dur=1
content-length
10736
x-amz-id-2
KIIpukOO3NfGDhMtYLiI9sl/dQzbcZJc2OQqDlyf1tm8HiVva5Wviuz5KxdF72KSaG/U3ddlgvk=
last-modified
Wed, 05 Apr 2023 19:57:04 GMT
server
AmazonS3
etag
"3a292b3f36980786b17695ad4c76de7c"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
fd5630bcbfac5339.css
nodeassets.nbcnews.com/_next/static/css/
45 KB
7 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/fd5630bcbfac5339.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b2f18f4e492744fc171a6e67feeaf9f82017f595acfe2f2162fd722247d4a30
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
2Gw4FLaDugmGME51PATyyqaso_Z3LIz4
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
ZWBF8XRBDCHZBX04
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943527_26_4734_6_0";dur=1
content-length
7095
x-amz-id-2
qLhsS1OBoHt+bM1cnEKjHIKzo3s5V0dA/nCbHMDU+T6+xwh5wVKBJIGt31FxQSIaHbZxqwVf84s=
last-modified
Wed, 05 Apr 2023 14:21:11 GMT
server
AmazonS3
etag
"60f9a02dcdefc347653909cfc9220905"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
4f0eb9974762a4ae.css
nodeassets.nbcnews.com/_next/static/css/
67 KB
8 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/4f0eb9974762a4ae.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a5c5c4441d3c8347bb2753c4e67e6e15166231d860603ed9e91e0781e285407
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
ErSQVUgs1dg0PwWqLQTagu6PonZe.ukG
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
H7ZZGV2D8RAG3HFT
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943528_27_4695_6_0";dur=1
content-length
7953
x-amz-id-2
ZEd95bsh99NX98CUPcNREzIMqjrH9LdVqmkrlZPnyee3hJYL2tUWTBiw52iWR/HdcHVYwHBc3dg=
last-modified
Wed, 05 Apr 2023 20:17:40 GMT
server
AmazonS3
etag
"0900bf491315063e30e3dfdd8618b1bf"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
7af26e3a52eb36fd.css
nodeassets.nbcnews.com/_next/static/css/
661 KB
58 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/7af26e3a52eb36fd.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a935de3bf67caebf6723b5ae9e8377a1e5a5d5b113123dba8d6765330920fa6
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
UwkuqXvzHcrkGWqgmmm8yRNCkAtkmknV
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
H7ZWJVA1CP661B9M
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943526_30_8078_6_0";dur=1
content-length
59112
x-amz-id-2
X/6vU8WtG0nqImPsW5JIniwTUyf+eXIA8dw2e+PBwHW46QItuq70ZuBAIPdEaQpmem54A/1KfO4=
last-modified
Wed, 05 Apr 2023 20:46:06 GMT
server
AmazonS3
etag
"d5aeb092f7e3113dba2eca1f9f4c4298"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
522b514d884ccafc.css
nodeassets.nbcnews.com/_next/static/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/522b514d884ccafc.css
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f30942606452f6110fe2a2039a3c4d3232330c4420f3efba9d0b4628e6a7063
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
qi1_1s1ZGKMLY3EUuP1cUDaF5LqI2EbY
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
3TTX1ZB1Q0DMF50P
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943529_37_4658_6_0";dur=1
content-length
1588
x-amz-id-2
250zsrU3JGs1jyQvqWLFiISw+5ee34930githfuaf1HL/M+oleajlqgD/gsby/mwUjTnYnEW0OM=
last-modified
Wed, 05 Apr 2023 17:48:44 GMT
server
AmazonS3
etag
"1767365b8c0f8b9b7d2ad06dac9975a6"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
webpack-7baf0a5a1657d29a.js
nodeassets.nbcnews.com/_next/static/chunks/
9 KB
5 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/webpack-7baf0a5a1657d29a.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7c4e07319372f2a7be589fba41f0a52192902daf83fdfa296e121a8bb5bab4f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
KazCcAbcvQ.BoojBnxJY4WLBVXj46uuT
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EN7X7W6P2YQMN3SW
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943531_28_3959_6_0";dur=1
content-length
4107
x-amz-id-2
6pdgOJO0YJQn6rtUu3JwI2HzlyalZLyPMHQo0U9SkrUsB+RJm58F5YeJi6zJ+yePOldkye5hGmg=
last-modified
Wed, 05 Apr 2023 19:57:04 GMT
server
AmazonS3
etag
"a4ef5bdf0b80bea9dc9f1e3c11e3ce01"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
framework-79bce4a3a540b080.js
nodeassets.nbcnews.com/_next/static/chunks/
127 KB
41 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/framework-79bce4a3a540b080.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
cx_6UMzAgo_VF8.1m9LVg9VPvanarrW1
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
4J98RJQSK6PCM34F
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943532_39_3897_6_0";dur=1
content-length
41055
x-amz-id-2
1GK5KkdzkKMMjslRZ+255lj5PJJhCV0KppTPgYvzAWd5wQjmpCxnbUoFqZW2ZcDFzm/WISXwIpU=
last-modified
Wed, 05 Apr 2023 17:48:43 GMT
server
AmazonS3
etag
"8ceac1a0789024027e37cca07bebaad2"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
main-3626adf95c8c50d2.js
nodeassets.nbcnews.com/_next/static/chunks/
99 KB
26 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/main-3626adf95c8c50d2.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68179b2afb435b07725952ee0ccbea4c87220b9cd756d4f584e2867f277a7c15
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
HlLP5CHVMA614ATqEYH2ERB.APe5WdJA
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
JA2D4KR7WS0Q1J7D
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943533_48_3840_6_0";dur=1
content-length
26331
x-amz-id-2
XhI/yHES5u6fywkBWUnngb4w/pyMwQ41Zd8SIU09jkUth1O6rdX913c3redkTDkBfAT5zw2T1PM=
last-modified
Wed, 05 Apr 2023 22:44:31 GMT
server
AmazonS3
etag
"7ff83a4e2b67ba147d0270dd1637714b"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
_app-5209fc2fe6616675.js
nodeassets.nbcnews.com/_next/static/chunks/pages/
516 KB
145 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-5209fc2fe6616675.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3483d215247ba9a3968cb0dad69ebc97bc9493f89437acfe55d57d32be5514e3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
XPf0J0AA9fWFliHrIGrdpteEaM80FJym
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
5V8CTRV2GNENGR7W
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943534_55_3755_6_0";dur=1
content-length
147429
x-amz-id-2
fnKhbvOxUhaxHEgafrs/uZU2W5kWEHaF6HSQCN2MeEJ4ueCDb4qmvtT397Njn0wqH/OFfGH5aOE=
last-modified
Wed, 05 Apr 2023 21:51:34 GMT
server
AmazonS3
etag
"99932abf4d2ef1330022b0b80f7fa7fd"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
f3dea186-cb45794ed4085831.js
nodeassets.nbcnews.com/_next/static/chunks/
906 KB
31 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/f3dea186-cb45794ed4085831.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dba8842a30a0214ed2532bc6d5be0c667506050e386c56a11be5dc80d34cbb2b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
VlsypoW0sdNgrGmUJHcKvBGZ6RQyPYe4
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
GSH657W6F19A6K8S
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943535_39_3727_6_0";dur=1
content-length
31335
x-amz-id-2
Q3tpPyrla6zRjQ37S15jp99h6E3ojgOsPpPrRfCZNbC6TCvqxsCkfqVN8lc1jAeTHKDJZ13s3gk=
last-modified
Wed, 05 Apr 2023 22:38:41 GMT
server
AmazonS3
etag
"66651eb4a8b0b5346cb7f5d29ce5a183"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
847-b01264e72fbbabdb.js
nodeassets.nbcnews.com/_next/static/chunks/
157 KB
37 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/847-b01264e72fbbabdb.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e7d503f53b7dcf6d7ed944e7869895a4335c34cbdd3aa458f553fe7210f3c5b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
VlprILNIJAf24v5OPofIYlGQPZI7ga0v
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
ZB0PV9CEEVGVKNJ4
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943536_593_3201_6_0";dur=1
content-length
37175
x-amz-id-2
vdkT7MyyvT6ioYHKjSsuMsApUPTi/R0pNy49KDVA1ZJPABtR8SXcpmQh0u+tNI1ckMYxJc1ZrDc=
last-modified
Wed, 05 Apr 2023 19:57:03 GMT
server
AmazonS3
etag
"433ec90b07e25dc1554e9e95c57abf5f"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
8254-5f7fe7bf75a6c88e.js
nodeassets.nbcnews.com/_next/static/chunks/
28 KB
9 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8254-5f7fe7bf75a6c88e.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f9187f094239de8b9cfd32162b64e9e8ceb17cc55d68a1eac2b0bc85ef12e2f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
lqy0rfgwWeNZd9gIdeku10k0Eb7jVHYL
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
2FTHTYPPW5RFV4EZ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943537_42_3696_6_0";dur=1
content-length
8765
x-amz-id-2
GR3Yi7/RuzRyDNZVxDv3IWUwFh2AKx5QTp5y92XGzueZibsUcNqsuscjfH9i8IlKmptCiWr2OWc=
last-modified
Wed, 05 Apr 2023 02:14:42 GMT
server
AmazonS3
etag
"4292093418df3f2865099ccdfab78114"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
8530-de3ebe774ac73f5b.js
nodeassets.nbcnews.com/_next/static/chunks/
16 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8530-de3ebe774ac73f5b.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b78ab16b972a289c3f833bb02edc358e3315ee48ccb618b57bd6e3c8a230c164
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
z2WDnflemBcz0Fd16PS9SXJUdecqe7Hs
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
NZARJRPA3D3V8JQ3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943538_46_3659_6_0";dur=1
content-length
5459
x-amz-id-2
4snqIK49A0fshr+prvoYNpYBYnMgZOtSewH4A1B51Y+VFmpXvot7TxdaqJlcvgL88ZyozDkGTG4=
last-modified
Wed, 05 Apr 2023 22:44:31 GMT
server
AmazonS3
etag
"b9a538671c59c2b1a9d4494e9efdb6cf"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
6205-3859b2c226fd1d02.js
nodeassets.nbcnews.com/_next/static/chunks/
218 KB
65 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/6205-3859b2c226fd1d02.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c9b84eee17d1c75ddf8e2eb1fcc8449e3678b27924230e9fde0c4d935e610890
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
gqFYL9X.89wKgvKvo0e3GLAjTnC3CVbi
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
Q1ZKRRTBQH658V0A
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943539_48_3699_6_0";dur=1
content-length
65971
x-amz-id-2
oZVnjjZY7zdC2dRd9S4hDoxIR6CqxSIriJNfVGrUqaYmEwQ2o69mCKPYngALwVxavA2e+LMjpl8=
last-modified
Wed, 05 Apr 2023 20:46:05 GMT
server
AmazonS3
etag
"3f85a037b1bfc884a39c37ec41e76721"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
285-7918b8aa2e8232ed.js
nodeassets.nbcnews.com/_next/static/chunks/
25 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/285-7918b8aa2e8232ed.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c755adde476ad57448321743d7f3604ad9fb1f202cff269a558d71d9df70f20
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
hJZ0hRQGBxk9Y0DidEZOBv_0tqQPRNq_
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
8PFMKBVSMG29HTFY
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943540_46_3689_6_0";dur=1
content-length
9386
x-amz-id-2
gClVfmh3pG7ALBvFAxqK0r24P8QOelX4cia7tkCMjzSf7TLZirBaK1jaZ84m7OEpTuLb2+iNhfU=
last-modified
Tue, 04 Apr 2023 23:34:13 GMT
server
AmazonS3
etag
"4ba145dc42eef330d43a69d1ba79b52c"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
7837-40bc5c706a5fe628.js
nodeassets.nbcnews.com/_next/static/chunks/
9 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7837-40bc5c706a5fe628.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7763196ab34776af723b173cc24a70e86788c382279b69f0f98c5194ac99fed
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
Xvx9kFzBqj4DPCnsS60nwHAg1q1PShno
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
TX4ZADZ5RN7R46PW
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943541_48_3700_6_0";dur=1
content-length
3398
x-amz-id-2
cKoyPlhJAoMiqwWvRQQNz0/msV0UKfPpLsw770+hMa3RANNF73e+zOoXbuw/sQbnkuFsBKYoONs=
last-modified
Wed, 05 Apr 2023 23:40:27 GMT
server
AmazonS3
etag
"e3f1d014e65f71b4ac096595d5b041ca"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
251-de4443e52c3cb2a7.js
nodeassets.nbcnews.com/_next/static/chunks/
34 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/251-de4443e52c3cb2a7.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc0819cf3ec458ccd6642f971be6a5d28ab5ef0aefe8d963305aa4eaa3818f56
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
7NmsVV0wGDpHWZ8hhSsWcNr3w7kny2bb
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
VKTFG877RD5HR2RE
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943542_46_3717_6_0";dur=1
content-length
9365
x-amz-id-2
LtcJOwqAMuLNWrk9RmECSxtslNZ6SoQRGk3eAD+Z4wDvMKwOsoFOlHTfRLBdOah+Gseg8kpINVg=
last-modified
Wed, 05 Apr 2023 02:14:41 GMT
server
AmazonS3
etag
"eb4599568beaaa170e037a17667244cb"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
7370-1af77ae6757aca11.js
nodeassets.nbcnews.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7370-1af77ae6757aca11.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e2ba94e0560e4fec85f629e0b8ffcd4c7ea29b5f0076a0bd849f1fdb86a1d56
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
CrUZ_TCg_tTmBOL9ZN7tUt4FCWi4LoNL
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
XJ1S2FMWP0MZZ5EN
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943543_47_3638_6_0";dur=1
content-length
3916
x-amz-id-2
zdLhHYb6WAO/1IMIJ6yM2J3KdctQX5pCtp4yehuCen95xZpMWgWacE+Yb5lhY9l8irnenBnA6Fg=
last-modified
Wed, 05 Apr 2023 20:17:39 GMT
server
AmazonS3
etag
"13af0d34f034d9ef580c48ebd120e97e"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
3852-ce0f08b5d191a986.js
nodeassets.nbcnews.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3852-ce0f08b5d191a986.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43077b2adc466deb1239eea7403129be680692ecc3d61488f00ed606cc2c3eb0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
TsWd.GbV_Dtj6GfP8FWeFhaXikYnV2vF
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
TA7HJX75AQZP0WTP
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943547_87_4974_5_0";dur=1
content-length
3198
x-amz-id-2
N+hA0TDgpg2BPvNfvV+AMfG6+pRZtkAvrxDobK3P3Fiz4++tTX0VKcHZCmly9+waFexszf4EqXo=
last-modified
Wed, 05 Apr 2023 02:14:41 GMT
server
AmazonS3
etag
"413e6e8b69281eaa085c2136d102610a"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
716-6986ae7a2c736b85.js
nodeassets.nbcnews.com/_next/static/chunks/
17 KB
7 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/716-6986ae7a2c736b85.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e900fb35282de750f71034278389edce11a2ffa7f9cf657d05f78c2c3ae924eb
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
xLCYNko3oRMY8KI7gbfgLRjBWTk9z2mV
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
ZZG5EVW5PCWM7W53
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943548_84_4982_5_0";dur=1
content-length
6847
x-amz-id-2
6Xot58MwT2yuW+NzSybR/roLlbeBkCwKoRHTGwsDbgl4/PiQ7lAEl2yZbPxZD/R9ayrCKDm2Z7Y=
last-modified
Wed, 05 Apr 2023 02:14:42 GMT
server
AmazonS3
etag
"084efda075767187a84402b28029c05e"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
7693-f62dbb2090546d79.js
nodeassets.nbcnews.com/_next/static/chunks/
11 KB
5 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7693-f62dbb2090546d79.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d025ceca2538b399dd7b863793db5a04d9255cd318e76ae6bc9a1b12acdfb28e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
3dnGykVkMAICYphz9auLzdO6mP6FR1ok
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
13HGTQ1H4FZN0QJH
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943549_86_4970_5_0";dur=1
content-length
4121
x-amz-id-2
MTIgSMhrq4MRmIIXb7mX6nges+u6IPzwPwm/jlhpJnLkTW5UCQrPSiHyBatpXbL9GQ8/DsO1DqU=
last-modified
Wed, 05 Apr 2023 19:57:03 GMT
server
AmazonS3
etag
"4544a1b6b5cd50d80bd5b9a7e872578f"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
2062-3da4bffb91fef28c.js
nodeassets.nbcnews.com/_next/static/chunks/
25 KB
8 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2062-3da4bffb91fef28c.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15e138c3ee1086b8c2fd7913a254b89117f9289b4809dc51573a8db871c248db
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
OzZ0Ha5uzo4HjHiirdhERqabYdm05.qC
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
DTCGMYKMFW1G4GPB
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943550_87_4950_5_0";dur=1
content-length
7330
x-amz-id-2
ifyOoT3lM8I7R4B6lwO5q+/qWfxWyRc0xFhbwqQEQzjEng+cUkP9dQbPTo/sn7+rkJ6E7nMoGy4=
last-modified
Wed, 05 Apr 2023 23:40:27 GMT
server
AmazonS3
etag
"f39b8713f18993cba9355b48e7f6d12e"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
8726-d7354f1dcfdcc72d.js
nodeassets.nbcnews.com/_next/static/chunks/
12 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8726-d7354f1dcfdcc72d.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5831e5ad7635f2630ba40f81ae235cba2d8e5873ed36febe940f3f76f070b626
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
9aY45s6EXENmwmJkOT3CaA07GlIE0Vk8
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
RW2GHNY4Y7CBPBKA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943551_86_4965_5_0";dur=1
content-length
3801
x-amz-id-2
rkNVHA3kF43+0T8RfH3v7WulFNBT0VG8jUXfT6m516wv8sp6Z270TJQSC/Uq5fE3m08u1/LdIwc=
last-modified
Wed, 05 Apr 2023 19:24:58 GMT
server
AmazonS3
etag
"22c4c80c9a830d6abb24225881794c3b"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
8915-1834962d4e2fa06f.js
nodeassets.nbcnews.com/_next/static/chunks/
178 KB
49 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8915-1834962d4e2fa06f.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fbe11e455dc09999b418a1398bb62af1a92dd985852e99132ac2c483bc6e748
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
cblGioXNgE.hmYmUEEKgDOu7cGwLGfqo
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
9CV02DSB6PABBC3G
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943552_94_4930_5_0";dur=1
content-length
49026
x-amz-id-2
XAhjcz7gTsslzF6iDRZS19+S+a//+jKDPWZcJY+5XnXrQAmSimpHoGBy+3PDnKxaOSFkoIvHQZ4=
last-modified
Wed, 05 Apr 2023 17:48:43 GMT
server
AmazonS3
etag
"43e1249e785fcaa7da52c746072025c2"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
3617-33d596da24b63110.js
nodeassets.nbcnews.com/_next/static/chunks/
40 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3617-33d596da24b63110.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7173387ce678f52213086714f1e0b5d65fb1b4aa64d07ede23f0c7297fcfb9fa
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
oeSqeLsCriUS2E6LA4H_hQ2JwCbjykda
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EEY68D2B469GFEGA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943553_95_4912_5_0";dur=1
content-length
9850
x-amz-id-2
IeFXUvlt4jvfldmIbrwCJBSFp7Rw7TzABOZyRhNO1bvOuECeMq5ZjM2/yBzhex1/hvW0QYloEkc=
last-modified
Wed, 05 Apr 2023 02:14:41 GMT
server
AmazonS3
etag
"c273990a0b54efea4b4316acaf84bbab"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
5279-c556908b54d50c35.js
nodeassets.nbcnews.com/_next/static/chunks/
11 KB
4 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/5279-c556908b54d50c35.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16dbff82ef6cf9de7d054c9df4d47b7cc7ae3d659527f74ae2ad7509fd0b1545
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
msqMCcrxBk4mS6sDhzkorKccae.BI_x1
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
VV9KYD4D7D77Y8YB
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943554_104_4836_5_0";dur=1
content-length
3975
x-amz-id-2
mFVrM2iWWLUoVOgO64kbbOiRcn7KUnaHqaMTKgYkDI/nYMmtDX7TJd8qE1A1/Xv7Am5tgK0M5i4=
last-modified
Wed, 05 Apr 2023 13:32:01 GMT
server
AmazonS3
etag
"d457892e2eedaf831663c983676e9bb3"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
7444-1fb37156fd64663a.js
nodeassets.nbcnews.com/_next/static/chunks/
12 KB
5 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/7444-1fb37156fd64663a.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b801689ae02587eee2dc7fa323e6726b98b9d5b8df72898caa97b7f7c5804e7
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
qxIIloKl12Ql9EJEfY57IgnGp9tzRatD
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
ZJAS4CDFP30NND47
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943555_824_3728_5_0";dur=1
content-length
4342
x-amz-id-2
ni4u416aoAz6UUVCDetmsJzwCmNZkJaerSmgVXBvowd8z6KfLREsVYieRuNuZ8Yh1HWdrVxRFDU=
last-modified
Wed, 05 Apr 2023 22:44:31 GMT
server
AmazonS3
etag
"722bd39e7caee8cb1a8432cba0eb9e7c"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
2617-1893d7f8fc8975db.js
nodeassets.nbcnews.com/_next/static/chunks/
35 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2617-1893d7f8fc8975db.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e671f3431cb9f0eeffabb92840a257a1bc58287cccd27ea95ccd7804f6b22a21
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
wlSgCp5kdV7d4OFNLyZdLKTggy5LVoBU
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
FFF9GK8410WXVGSM
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943556_101_4812_5_0";dur=1
content-length
9367
x-amz-id-2
k4moPBlMdMD3t+kHk5YqjR5rRqshLvswbrhTS65SW2VXXGtYdaYwImziA0GClwwA4cHE4pfn0sY=
last-modified
Tue, 04 Apr 2023 23:34:13 GMT
server
AmazonS3
etag
"3f6bc3d65e921a9f8bd6ed71f67f047f"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
2190-00c8ffff99a0d254.js
nodeassets.nbcnews.com/_next/static/chunks/
13 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2190-00c8ffff99a0d254.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05c4ab4d8b664e4b5beeae74645f3ad5f20c7f47eeabca7aa5b68b0d87be5342
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
9y48DeB3AXzR9TqZABxLufdw_iCc7F88
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
FAQN275EBQKK983K
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943557_118_4709_5_0";dur=1
content-length
5132
x-amz-id-2
WgCzAHW72mLuTx3m7tYvFGDEJmV0/mHvr6JqGrJe55NFEUc9DKuiZbLxhHED3TSCsUI0CfiJRME=
last-modified
Tue, 04 Apr 2023 23:34:13 GMT
server
AmazonS3
etag
"23c44e3b5e034ca3b8cd60369a2f1eff"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
9388-71f6069929399e1b.js
nodeassets.nbcnews.com/_next/static/chunks/
8 KB
3 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/9388-71f6069929399e1b.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7fe7133070e1cf8b7b3b4dc0141c65715f447c05c83a909ba68b3c1b2d21ff2
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
.BDBJjSyZhbxcT9Ki3bKjm1XxiIu5T5o
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
A8RYMYNDJ9KTSDQ3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943558_98_4874_5_0";dur=1
content-length
2769
x-amz-id-2
MChvWd7ki+rPmJ7ma01O+niTJsRnglrBGn2knM+zgJnXd4rrtCvohvdIjFauvh0xn13rNS942yo=
last-modified
Tue, 04 Apr 2023 23:34:13 GMT
server
AmazonS3
etag
"5719c4bb4b29052895869ae662fbab91"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
699-070aceba5812bdf2.js
nodeassets.nbcnews.com/_next/static/chunks/
71 KB
18 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/699-070aceba5812bdf2.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ff7aa35ab961b2ccc4adce767f8528ef0c837cfe2032c596ce41128fe53cb39
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
23bQ3LtOgwXOiGpCphn6iiG_I9DDW44y
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EN7MNE5W0E5RD703
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943559_106_4774_5_0";dur=1
content-length
17831
x-amz-id-2
Kvr+14zyN24BNeHkQAMqxvjWIFlWxMRhmfkZM3GuB480ukCRaT3g6f9jzXF54MK40T/o906hFjE=
last-modified
Wed, 05 Apr 2023 20:17:39 GMT
server
AmazonS3
etag
"2285b884b496f52d6cf26f18f91557b9"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
5065-22bbbbfaab17ea6e.js
nodeassets.nbcnews.com/_next/static/chunks/
55 KB
15 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/5065-22bbbbfaab17ea6e.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
013c9bcb81089f84221d4c061f0e067385b6e020706175fd07698412600c1374
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
199w99G5KOjdxc8n6VoAqOZSc9OaYM7g
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
V2Z585S3Z906CARD
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943560_103_4864_5_0";dur=1
content-length
15214
x-amz-id-2
FjuRMMaWtYZ0qzJk/mZc9+Oas6/XG7to1X0HaBugJe7tHgoo8baEIWAImM/16LIiCCgV953+IlM=
last-modified
Tue, 04 Apr 2023 23:34:13 GMT
server
AmazonS3
etag
"e9bb8d5b7932b4f9f99fb92b880647e6"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
3690-bea74647d8dc0383.js
nodeassets.nbcnews.com/_next/static/chunks/
48 KB
13 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3690-bea74647d8dc0383.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
875e5e8cbd7d75299a7d7a024b4d0cbb4f711d6419ae750d48f3eb40b391971f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
WMStIrPqGtLqDOOzuoLb7iG2_ON04MrR
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
24XNHKQ5PPE3Z13Q
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943561_127_4615_5_0";dur=1
content-length
12470
x-amz-id-2
T+/VuTeVOCAxQ4kZTRjt6TRbMKkfgiAg3zYaDwEz5CF7vxi78Ijp+ZdUiVGjlOfpPZ0om+9BH1Q=
last-modified
Wed, 05 Apr 2023 22:44:31 GMT
server
AmazonS3
etag
"ab127bcb644ba44f446ba8926827f7ed"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
2715-09f5ef449b565e71.js
nodeassets.nbcnews.com/_next/static/chunks/
40 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/2715-09f5ef449b565e71.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1738258da5f518915ce07f76bc7979c772ddce8dfb22fe56036d9da1d91b0e5b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
YMf_c4GKA8DrUThZQBrIOjsnYsNzCM_1
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
RMV9KX445EGWAYTW
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943562_196_4142_5_0";dur=1
content-length
9263
x-amz-id-2
lsP3n10JbcK9HyIlV+AjCudqQv+mf8+p7/+ARkkcExiwzBqrSQmh8Dj5R32k0/A7q+wRCY5CN2g=
last-modified
Wed, 05 Apr 2023 20:17:39 GMT
server
AmazonS3
etag
"91e8a7f3b60fdf60523740e7edab8bab"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
3932-56c242b2776eb010.js
nodeassets.nbcnews.com/_next/static/chunks/
32 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3932-56c242b2776eb010.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8729ce07b150e60abf9131f05ff9aa8bcc4e7a497efd3407dea0cf42f0d1a2a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
sBWMOVnoY.pQhm0u_fhmFpUJk9w8tfs7
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
4A3SGA56JGNDVVN3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943563_822_3698_5_0";dur=1
content-length
9485
x-amz-id-2
dbbP4F6STeKPhnxNu5t9b8CYl+GAZo67/YOsJKUb4YPtc3KtgmbRR7IovCxIejytieZT/OKMR6g=
last-modified
Wed, 05 Apr 2023 20:17:39 GMT
server
AmazonS3
etag
"45089216e4bebefd3246f6ee63e9df75"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
3502-47fff04d7b6232ed.js
nodeassets.nbcnews.com/_next/static/chunks/
504 KB
112 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/3502-47fff04d7b6232ed.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95a4528bd392bd74ea34edb64be1ade6d8fb098ccc378a4303dec626ea55587c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
CK1FqOm0zjJw84JrRD1VL6K6ZfZkoDkb
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
5D52K7ZXH4XD30QE
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943564_821_3709_5_0";dur=1
content-length
113951
x-amz-id-2
CfKBZy5lVkG4Qk8nUMadw3B/YtjEriNIcRNDZ0xoqo5UyCMy6grmkQjmG9+akXOLBFLni/mxFbc=
last-modified
Wed, 05 Apr 2023 19:57:02 GMT
server
AmazonS3
etag
"af564129e388c390f8492a1eff0fbded"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
8069-418333212f12910a.js
nodeassets.nbcnews.com/_next/static/chunks/
27 KB
7 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/8069-418333212f12910a.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb209f6895a18dc7d7095aaad06f1dd1096ea2fcb0c814bd84cd2f9e6a5aa6e0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
ER9y7XP6rMs71RMX_Ut18bOtFY8J7ugR
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
P2TWJ7TGTDD3WE76
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943565_818_3732_5_0";dur=1
content-length
7079
x-amz-id-2
905FCoZ49BlJV2eASmcwh8w4nuTHAUuGY631hvZrHmEVx3aWsLlP5DKViqOytGGl40KuQmKecTo=
last-modified
Wed, 05 Apr 2023 22:38:41 GMT
server
AmazonS3
etag
"a9e2110c6dc1c45761e55f8f9e9fabc8"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
front-17e0bd4cf256b715.js
nodeassets.nbcnews.com/_next/static/chunks/pages/
23 KB
8 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/pages/front-17e0bd4cf256b715.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadf818cafb4f437b301203b0d2d96cf517132437ad9b0889ee5d61c4b969ac1
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
aV9PK5yvADve2MkjbSOmZngYl5r6aRi8
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
89YQMXRMHER6ZRFE
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943566_814_3764_5_0";dur=1
content-length
7460
x-amz-id-2
nLyBKY0kw6dlNgTT3OjNz1Ey1aBnBGTEWT0c8iPhSaZmBsFaOdSir/+T00BFn1+vJmAf5pxCqNg=
last-modified
Wed, 05 Apr 2023 14:21:10 GMT
server
AmazonS3
etag
"28107c53b109535fed68626a91c5a522"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
_buildManifest.js
nodeassets.nbcnews.com/_next/static/e1c499d8cb87bc59e169f49b17c4cb2d26794e38/
24 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/e1c499d8cb87bc59e169f49b17c4cb2d26794e38/_buildManifest.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35db18405851c03542c182401aad0d089a64afd2b134e8733e5fa9a00c38d429
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
t7Gy.8icswJE2z69iQZ.yj7eAFhNK8XH
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EN7Z97S3KX288ENX
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943567_821_3676_5_0";dur=1
content-length
5732
x-amz-id-2
mckfNZ+gfZHwwT14FdMc7jcRkeATfooF38LAOL+djMPlR1nSUwExvw5exIAgJSMfdMa0bsyeAVk=
last-modified
Wed, 05 Apr 2023 19:57:05 GMT
server
AmazonS3
etag
"f67bb788aa918e7c1d79f2512fbcac11"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
_ssgManifest.js
nodeassets.nbcnews.com/_next/static/e1c499d8cb87bc59e169f49b17c4cb2d26794e38/
77 B
657 B
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/e1c499d8cb87bc59e169f49b17c4cb2d26794e38/_ssgManifest.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
zYNElZ2W_qacMOg3gVcb8MR8Yp.qn9bJ
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EN7MG8TNQQA6EB8Y
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943568_818_3718_5_0";dur=1
content-length
77
x-amz-id-2
Brn1+2NPTtPpw3TUVsdye3SxIEVYNx10n93GhXlZpTKSx/cO4NPUXNY4GmeNNQjse+vstryu3+k=
last-modified
Wed, 05 Apr 2023 19:57:05 GMT
server
AmazonS3
etag
"b6652df95db52feb4daf4eca35380933"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
_middlewareManifest.js
nodeassets.nbcnews.com/_next/static/e1c499d8cb87bc59e169f49b17c4cb2d26794e38/
92 B
671 B
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/e1c499d8cb87bc59e169f49b17c4cb2d26794e38/_middlewareManifest.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
SSuZx9xCdGxx4iDfHY3Bj0YI4O1xf9JY
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
EN7Y043F4HHW3BD0
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943569_822_3668_5_0";dur=1
content-length
92
x-amz-id-2
bLsY3H2aAM5qaQRGLbyxgh2IyS0srQyD0K+ISzhLHvXBHQisRryiW3oRhsr9Juj9MaJQB4+Wc+o=
last-modified
Wed, 05 Apr 2023 19:57:05 GMT
server
AmazonS3
etag
"7c3f7e060745668041278118c0bb3d6d"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
230404-donald-trump-indictment-arraignment-legal-analysis-jg-0f6233.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-580x290,f_auto,q_auto:best/rockcms/2023-04/
46 KB
47 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-580x290,f_auto,q_auto:best/rockcms/2023-04/230404-donald-trump-indictment-arraignment-legal-analysis-jg-0f6233.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
798e049729f1f34600e35eca3e3fb2d1e9e61a74c05dccf54e0024f1116d0459
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
185595576577275091866623399828295881783,310703642743450869670807685509426857134,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230404-donald-trump-indictment-arraignment-legal-analysis-jg-0f6233.webp"
content-length
46994
x-request-id
93f00dc43ff30eaebfd309feec11d9d8
x-served-by
cache-iad-kiad7000077-IAD
last-modified
Wed, 05 Apr 2023 21:32:19 GMT
server
cloudinary
x-timer
S1680733965.128141,VS0,VE1
etag
"b46b8d330180481c5fbb7341b94b288b"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31537145
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 04:32:08 GMT
230405-baltimore-cathedral-mn-1515-8f83e7.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x460,f_auto,q_auto:best/rockcms/2023-04/
49 KB
49 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x460,f_auto,q_auto:best/rockcms/2023-04/230405-baltimore-cathedral-mn-1515-8f83e7.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
e6bdb31bfa7e55ea5c522804e2be1d6d81edd855a7dcb912de42938bc84efa9c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
182251879842155227685585389395478833347,275977310102461287328195838474351071640,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230405-baltimore-cathedral-mn-1515-8f83e7.webp"
content-length
50018
x-request-id
5db3e62ff70dc2c90209d59c5d4bf5b0
x-served-by
cache-lga21940-LGA
last-modified
Wed, 05 Apr 2023 19:22:22 GMT
server
cloudinary
x-timer
S1680726019.592300,VS0,VE2
etag
"51cb41f397a96f7ff936c87fd2d12e9c"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31529285
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 02:21:08 GMT
230329-janet-protasiewicz-jm-1050-6d3268.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x460,f_auto,q_auto:best/rockcms/2023-03/
23 KB
24 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x460,f_auto,q_auto:best/rockcms/2023-03/230329-janet-protasiewicz-jm-1050-6d3268.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
6d17722c0875c3e0ee46ae3bda0157929646bf3cc5a541871b86ee5710ca4ce3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
322590661137438744767593365084268035377,275977310102461287328195838474351071640,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230329-janet-protasiewicz-jm-1050-6d3268.webp"
content-length
23944
x-request-id
56c6d22532d6c91a4cf7189618944ca0
x-served-by
cache-iad-kiad7000167-IAD
last-modified
Wed, 05 Apr 2023 01:54:16 GMT
server
cloudinary
x-timer
S1680706376.077466,VS0,VE1
etag
"3cebce667608484fea9b4bb3618885b6"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31509542
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 20:52:05 GMT
select-logo.svg
media-cldnry.s-nbcnews.com/image/upload/newscms/2021_40/3510526/
Redirect Chain
  • https://media2.s-nbcnews.com/i/newscms/2021_40/3510526/select-logo_e3a5a3fe1cc23c7b985fb99495737521.svg
  • https://media-cldnry.s-nbcnews.com/image/upload/newscms/2021_40/3510526/select-logo.svg
5 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/newscms/2021_40/3510526/select-logo.svg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
aeea97b165c6d67b516aea972a615e5ad65eca5e88d2663e701da80d6ea676a3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
content-encoding
gzip
strict-transport-security
max-age=2628000 ; preload
cache-tag
306934831529955337374605453721599124759,7831a46e631c715519da9d0ce0a38b6b
content-disposition
attachment; filename="select-logo.svg"
content-length
2229
x-served-by
cache-iad-kjyo7100137-IAD
last-modified
Tue, 05 Oct 2021 16:51:08 GMT
server
cloudinary
x-timer
S1679690963.001678,VS0,VE1
etag
W/"ffda2eab0c8edfe14cc9d5b48b7db3d7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=30494216
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Sun, 24 Mar 2024 02:49:59 GMT

Redirect headers

location
https://media-cldnry.s-nbcnews.com/image/upload/newscms/2021_40/3510526/select-logo.svg
access-control-allow-origin
*
date
Thu, 06 Apr 2023 04:13:03 GMT
server
nginx
x-backend-server
blue-aims2cloudinary-d9c6d6456-jnmx8
content-length
162
content-type
text/html
ads.b1f2c549.js
nodeassets.nbcnews.com/_next/static/chunks/
37 KB
10 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/_next/static/chunks/ads.b1f2c549.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6e635a7e1ab8ea1671505d940b05de3652d8fc5fa4aca94da773152deff70c4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
5DVNSRfUPB3NQq3P3TEqv1mvNwcPIxTP
content-encoding
br
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
G17Y7M9SYNZTFH3K
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943570_120_4679_5_0";dur=1
content-length
9827
x-amz-id-2
O/6t/JLPoHELIrLT4QuypeppQQ47M8qCz48CxGb9b6wCMySjtwMSeLbHDRzka3tBrjg6VpCNnsE=
last-modified
Wed, 05 Apr 2023 17:48:43 GMT
server
AmazonS3
etag
"65a76c3601b468306d2dd5e40e23eed5"
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
launch-EN03682f66064449c8b87d78eae3e2fc57.min.js
assets.adobedtm.com/
786 KB
196 KB
Script
General
Full URL
https://assets.adobedtm.com/launch-EN03682f66064449c8b87d78eae3e2fc57.min.js
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:7a9::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e94a1292b204a213eae5f37d69406ef14054ef645e8b6609ba9cf2a17e6187eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:03 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2023 00:53:48 GMT
server
AkamaiNetStorage
etag
"7361160a01dc93d68fef38726e4f9b11:1680224028.366465"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://user.subsystemsselv.tk
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
200275
expires
Thu, 06 Apr 2023 05:13:03 GMT
FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
39 KB
40 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://user.subsystemsselv.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
UvqxF5yqAakw56cN4C1xb.YQdPhVCBLy
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PD5C0R1M31H0HK2X
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943589_28_4013_6_0";dur=1
content-length
40106
x-amz-id-2
XPFUqA3B32vqAA7cPNjFiJBHCPt034UMRxYL8w4bum4RO++d4LQmmq7BAa+RZI1/SSAOT1tjeHI=
last-modified
Thu, 11 Jul 2019 19:07:44 GMT
server
AmazonS3
etag
"6797c94d7e9d7972e1dda6ed5248e1f4"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Apr 2024 04:13:03 GMT
FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
29 KB
30 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://user.subsystemsselv.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
smxq6MLYc1aZNAPU82awTXjGoqcFeVuG
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PD56GE2C5ZE8QQ0B
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943593_27_4009_6_0";dur=1
content-length
30163
x-amz-id-2
EeYX62hwFmi4a2jPXND4rVjZHIboZQeGC+jdoTmP55Hjwd2snMlef5ZkLo+y7QJfoZjj+bXeMFc=
last-modified
Tue, 11 Oct 2022 22:23:57 GMT
server
AmazonS3
etag
"861757adb72039160d3707fc6508e252"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Apr 2024 04:13:03 GMT
iconfont.c08940c29c.woff2
nodeassets.nbcnews.com/_next/static/assets/fonts/
16 KB
17 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/_next/static/assets/fonts/iconfont.c08940c29c.woff2
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7fdad4000c8b6f43d85ca119e6929e62b6e76930ddbb6e1160beaa5e7feb678
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://user.subsystemsselv.tk/
Origin
https://user.subsystemsselv.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
4aC1uekHXRKbwMCLB..lNrkZ79onXRgY
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
HSTV8SEHN7AQYJBA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943592_38_3905_6_0";dur=1
content-length
16416
x-amz-id-2
dXy4oLPuGMk3OCcsivcCMy94X8aNPKMUyklh74GhBV/OoS42BkRNHF/JjvJatP+Yz5hUH8+mXsU=
last-modified
Tue, 04 Apr 2023 23:34:13 GMT
server
AmazonS3
etag
"5d5ab74d8fdd240ad0e70731f202a9fa"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:03 GMT
PublicoText-Bold-Web.f54c94b85a1c944380bf1bc3e5efc767.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
56 KB
57 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-Bold-Web.f54c94b85a1c944380bf1bc3e5efc767.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a57a61c431ad9b51fe75897364c4842fb2789893be26351b25a4885329d3dad
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://user.subsystemsselv.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
6_.sksC6WUVuQGYmwFD8cRm.dnQJMJIo
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
0Y00GG8CE771NY97
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943590_33_3949_6_0";dur=1
content-length
57717
x-amz-id-2
C646cuv9WOzEccmOdWAnDHqjEM1XbG3hd1inOHiqixuDRFvuQM9Xpli5/9oJCuQ/6M2+8H9FzLU=
last-modified
Tue, 11 Oct 2022 22:06:59 GMT
server
AmazonS3
etag
"f54c94b85a1c944380bf1bc3e5efc767"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Apr 2024 04:13:03 GMT
PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2
nodeassets.nbcnews.com/assets/fonts/shared/
51 KB
52 KB
Font
General
Full URL
https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin
https://user.subsystemsselv.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
2MTzNwxTqVPRbYrJTYk1GvQbxM9fvhUo
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
PD51C1B3KDD9090J
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943591_32_3975_6_0";dur=1
content-length
52393
x-amz-id-2
PS5ek+5Q52KXq2a3PtzVgOBVyZYLgo4X2K7eCgd2wwLNjAnM2zkDIbUH03lKlpl+fGLrILuUYqU=
last-modified
Tue, 11 Oct 2022 19:53:40 GMT
server
AmazonS3
etag
"752edd6cce510289581b5e8ecea31abd"
access-control-max-age
3000
access-control-allow-methods
GET,POST,PUT
content-type
font/woff2
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 Apr 2024 04:13:03 GMT
230405-missouri-highway-patrol-tornado-damage-mjf-1054-349c26.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/
46 KB
47 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/230405-missouri-highway-patrol-tornado-damage-mjf-1054-349c26.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
fe92d768eb4771f43f6dbdd0f75db3f421cc25fe86a182e635909aec72b95749
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
274146952100660373727335358628361868127,330159931769116745378721534506896093588,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230405-missouri-highway-patrol-tornado-damage-mjf-1054-349c26.webp"
content-length
47124
x-request-id
97fb884aff7bc9ab92df853849ba9521
x-served-by
cache-lga21974-LGA
last-modified
Wed, 05 Apr 2023 15:18:00 GMT
server
cloudinary
x-timer
S1680707941.677720,VS0,VE1
etag
"3f9f130b9056fa4cb9fc7dcfdb0cce81"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31511095
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 21:17:58 GMT
230405-putin-defector-mb-0942-38167b.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/
11 KB
11 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/230405-putin-defector-mb-0942-38167b.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
9ddc915361342a19710975f2501f049a0e5e39e1316931a2ec2f7d41fceb56fa
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
450593017365632292372697303146973830912,330159931769116745378721534506896093588,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-putin-defector-mb-0942-38167b.webp"
content-length
10882
x-served-by
cache-lga21933-LGA
last-modified
Wed, 05 Apr 2023 18:18:20 GMT
server
cloudinary
x-timer
S1680734575.555324,VS0,VE1
etag
"2abd6b18be7d00790d954ff01a9feab3"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31537691
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 04:41:14 GMT
230403-mike-pence-jm-1144-c6e09e.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/
8 KB
9 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/230403-mike-pence-jm-1144-c6e09e.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
a8884bbfe36729926daac9ecfaa0c1148c9407882b47b4b1f302c98c42353ba5
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
412390639637701432419595750429738759592,330159931769116745378721534506896093588,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230403-mike-pence-jm-1144-c6e09e.webp"
content-length
8656
x-request-id
c7c50a7f2f05c313c9ee43754b787c81
x-served-by
cache-iad-kiad7000097-IAD
last-modified
Wed, 05 Apr 2023 18:48:07 GMT
server
cloudinary
x-timer
S1680720663.762679,VS0,VE1
etag
"947935b77f2ad3d7bf99d65b7d316080"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31523919
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 00:51:42 GMT
230405-Yusef-Salaam-ew-321p-a6436b.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/
5 KB
5 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/230405-Yusef-Salaam-ew-321p-a6436b.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
24f07cc7e809dd4a6217965961736cee4fb4b75efada450426c2a4e66f5be6a1
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
400689923496934153981563567174389330686,497655838896336866966802447969939946642,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230405-Yusef-Salaam-ew-321p-a6436b.webp"
content-length
4798
x-request-id
96f3ed5881274ddb78437303a158755c
x-served-by
cache-iad-kiad7000155-IAD
last-modified
Wed, 05 Apr 2023 20:26:01 GMT
server
cloudinary
x-timer
S1680726710.339773,VS0,VE2
etag
"2e4f413d9a728956cf421534e8cebaab"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31529881
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 02:31:04 GMT
230404-nyc-court-newsstand-jm-1-5293ed.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/
8 KB
9 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/230404-nyc-court-newsstand-jm-1-5293ed.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
78c12eac5f100fbe2621c479b57cce623df21ff660f526b2ef0a637ba8cb9daf
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
361011286997388648400224980578239189115,497655838896336866966802447969939946642,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230404-nyc-court-newsstand-jm-1-5293ed.webp"
content-length
8374
x-request-id
b806d1d4f53213d216ec7737223d4ffa
x-served-by
cache-iad-kiad7000114-IAD
last-modified
Wed, 05 Apr 2023 10:31:01 GMT
server
cloudinary
x-timer
S1680691012.109201,VS0,VE1
etag
"a126ce731f6aec3ddd871d417c9998a8"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31494209
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 16:36:32 GMT
230404-ticketmaster-al-1407-9ae3c2.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/
20 KB
21 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/230404-ticketmaster-al-1407-9ae3c2.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
e22e0b4835c1a36e8fe047dcbdecd1ae650e6df5774c26b036dda7c18678ca23
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
202187939203757903281458155183520668713,330159931769116745378721534506896093588,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230404-ticketmaster-al-1407-9ae3c2.webp"
content-length
20828
x-served-by
cache-iad-kjyo7100091-IAD
last-modified
Wed, 05 Apr 2023 15:01:51 GMT
server
cloudinary
x-timer
S1680707201.750176,VS0,VE1
etag
"3ed104a352070021510ed56b5eb15532"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31510374
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 21:05:57 GMT
210924-michael-k-williams-2016-ac-413p-5eb151.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/
3 KB
4 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/210924-michael-k-williams-2016-ac-413p-5eb151.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
d7a55e2b82b08c6d95a7f7e2a94ec8139a88831693ed4ce1bf583bedd17cdef0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
236189902087692087148754799304269931040,497655838896336866966802447969939946642,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="210924-michael-k-williams-2016-ac-413p-5eb151.webp"
content-length
3572
x-request-id
8240f7462b94cb29b73708a2d48ca60d
x-served-by
cache-lga21970-LGA
last-modified
Wed, 05 Apr 2023 23:43:23 GMT
server
cloudinary
x-timer
S1680740858.404416,VS0,VE1
etag
"3380016046b2f237396a586b7c2f68ee"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31544085
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 06:27:48 GMT
230405-mobilecoin-bob-lee-mn-1225-732aff.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/
5 KB
5 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-160x160,f_auto,q_auto:best/rockcms/2023-04/230405-mobilecoin-bob-lee-mn-1225-732aff.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
9c322c2fc3f21d0e48a73226f77217dfc597f60375a89f3ddb806ecf0cb8c7cf
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
414265526818482165685568451653286518823,497655838896336866966802447969939946642,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-mobilecoin-bob-lee-mn-1225-732aff.webp"
content-length
4792
x-served-by
cache-lga21921-LGA
last-modified
Wed, 05 Apr 2023 16:37:53 GMT
server
cloudinary
x-timer
S1680714677.607325,VS0,VE2
etag
"c45134fc10d6ac07f059356e277baf5c"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31517858
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 23:10:41 GMT
230405-donald-glover-se-518p-57bcdb.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/
11 KB
11 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/230405-donald-glover-se-518p-57bcdb.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
cd1dae61f172a36123d0a56dc8be7c011ecaba501b366b024b49e7ff71dccf49
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
412785298488718819754322701319805425598,330159931769116745378721534506896093588,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-donald-glover-se-518p-57bcdb.webp"
content-length
10756
x-served-by
cache-lga21936-LGA
last-modified
Wed, 05 Apr 2023 23:12:48 GMT
server
cloudinary
x-timer
S1680740858.427004,VS0,VE1
etag
"d8f183d380df8e98768d086a9f90501d"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31544132
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 06:28:35 GMT
230405-dylan-mulvaney-bud-light-figma-mn-0920-214354.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/230405-dylan-mulvaney-bud-light-figma-mn-0920-214354.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
a8488fdb121f8cad28b08018ed9f050fd5638e9c4bde3595157be14c156a5bb0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
2
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
241745277848185325078235951744932760222,392628434942809558477530221381799500531,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-dylan-mulvaney-bud-light-figma-mn-0920-214354.webp"
content-length
2232
x-served-by
cache-lga21925-LGA
last-modified
Wed, 05 Apr 2023 19:47:54 GMT
server
cloudinary
x-timer
S1680724147.522639,VS0,VE0
etag
"bd41a802f59c9cf7ad245bbbdb9d9743"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31527335
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 01:48:38 GMT
230405-tamera-mowry-mjf-1126-26217f.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/230405-tamera-mowry-mjf-1126-26217f.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
952cf5e059b28e5e0c69252c6b9e40f6b654a30bd9d9fbd5b32380523a6305d2
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
295709462229026833045326508482186930074,392628434942809558477530221381799500531,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-tamera-mowry-mjf-1126-26217f.webp"
content-length
2294
x-served-by
cache-iad-kjyo7100024-IAD
last-modified
Wed, 05 Apr 2023 15:42:50 GMT
server
cloudinary
x-timer
S1680719689.172909,VS0,VE1
etag
"9988dea26bf16b1bd37e113b1a94e676"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31522866
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 00:34:09 GMT
230405-silvio-berlusconi-mb-1257-c49bd8.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/
11 KB
11 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-460x230,f_auto,q_auto:best/rockcms/2023-04/230405-silvio-berlusconi-mb-1257-c49bd8.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
b6e181d8d22021fae236554bbc58ab3e296c9bbe71c3e6576f339ee58dc55855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
473182495162454002767461699384890732915,330159931769116745378721534506896093588,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230405-silvio-berlusconi-mb-1257-c49bd8.webp"
content-length
10910
x-request-id
522bfc86772bf5da0bcf04cf8b755448
x-served-by
cache-iad-kjyo7100047-IAD
last-modified
Wed, 05 Apr 2023 12:21:54 GMT
server
cloudinary
x-timer
S1680699148.559495,VS0,VE1
etag
"800a1d3715589dbcfd6c1391ad2918f5"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31502422
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 18:53:25 GMT
230405-charles-camilla-wedding-mb-0854-64df70.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/
5 KB
5 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/230405-charles-camilla-wedding-mb-0854-64df70.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
c9e5d098ce8ac5a0bfc80ee01f66687c45ae36c41bc8092bf60c175231566a85
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
468274901375257080884408881321403371469,392628434942809558477530221381799500531,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-charles-camilla-wedding-mb-0854-64df70.webp"
content-length
5074
x-served-by
cache-lga21949-LGA
last-modified
Wed, 05 Apr 2023 15:14:43 GMT
server
cloudinary
x-timer
S1680719689.169565,VS0,VE1
etag
"3d00b8c5248dbc142d74dab2827fe5cb"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31522980
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 00:36:03 GMT
230405-tsai-ing-wen-kevin-mccarthy-jm-1543-a1412a.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/
5 KB
5 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-200x100,f_auto,q_auto:best/rockcms/2023-04/230405-tsai-ing-wen-kevin-mccarthy-jm-1543-a1412a.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
bf9209be13525f21636ba6e3ee76c6fd2bfec6bc5220239a90c1acc935f45c31
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
412877139717165336127290419765904434382,392628434942809558477530221381799500531,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230405-tsai-ing-wen-kevin-mccarthy-jm-1543-a1412a.webp"
content-length
4978
x-request-id
0156d4137a33424b3cd819eb680f112f
x-served-by
cache-iad-kiad7000070-IAD
last-modified
Wed, 05 Apr 2023 20:01:01 GMT
server
cloudinary
x-timer
S1680724910.327007,VS0,VE2
etag
"6f6e1c20844cc5af36652c1caf3e10be"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31528144
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 02:02:07 GMT
1680745616754_now_topstory_eik_youtuber_230405_1920x1080-hov3ms.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/
1 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/1680745616754_now_topstory_eik_youtuber_230405_1920x1080-hov3ms.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
bb3ecc55067ff3d52ee36e07d54bdb67eacea896d14c1212881b579b31248ab4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
508384960822134039243062671769169306093,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="1680745616754_now_topstory_eik_youtuber_230405_1920x1080-hov3ms.webp"
content-length
1428
x-request-id
91476a2a8e4fe0f0fc35b1a988f1457f
x-served-by
cache-iad-kjyo7100136-IAD
last-modified
Thu, 06 Apr 2023 01:53:01 GMT
server
cloudinary
x-timer
S1680746303.867052,VS0,VE1
etag
"bdf5226eec69e067664d077247070b18"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31549546
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 07:58:49 GMT
1680735783279_nn_mhu_arderns_empowering_farewell_speech_230405_1920x1080-4dubgy.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/
2 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/1680735783279_nn_mhu_arderns_empowering_farewell_speech_230405_1920x1080-4dubgy.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
31ecbfd59a1946443810fb4d721e60fe15d03099f19c17e6f673d347339d62d6
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
399891963363004250380103246623022525691,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="1680735783279_nn_mhu_arderns_empowering_farewell_speech_230405_1920x1080-4dubgy.webp"
content-length
1856
x-served-by
cache-lga21981-LGA
last-modified
Wed, 05 Apr 2023 23:04:27 GMT
server
cloudinary
x-timer
S1680736744.521124,VS0,VE2
etag
"bb9c75e3e83c817ff89c7bcc53805124"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31539987
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 05:19:30 GMT
missouri_homes-z7k5sv.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/
3 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/missouri_homes-z7k5sv.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
d49da972877e89c0fcfaae168568c077d22f4450dfd3af8bbce3d27295067b06
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
513094539027485470469963077269147721018,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="missouri_homes-z7k5sv.webp"
content-length
3026
x-request-id
74f510815e0dc01ab1b8c82b1f161127
x-served-by
cache-iad-kiad7000142-IAD
last-modified
Wed, 05 Apr 2023 15:55:02 GMT
server
cloudinary
x-timer
S1680710215.048039,VS0,VE1
etag
"6cd1c824ad2042e5e4b4e44f6b16ce89"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31513386
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 21:56:09 GMT
230404-donald-trump-arraignment-key-takeaways-ew-552p-947c55.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/
1 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/230404-donald-trump-arraignment-key-takeaways-ew-552p-947c55.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
5aaa8db728561ed9909485da8c7f79d1085f97835e23aa7996d467cd09b61139
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
2
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
359190860104167076997511962798327125533,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230404-donald-trump-arraignment-key-takeaways-ew-552p-947c55.webp"
content-length
1142
x-served-by
cache-iad-kjyo7100085-IAD
last-modified
Wed, 05 Apr 2023 00:34:24 GMT
server
cloudinary
x-timer
S1680655682.934504,VS0,VE0
etag
"c349e32d54cd12e00f9f04bb0b45cfc1"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31458935
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 06:48:38 GMT
230404-rome-colosseum-mn-0910-0967c9.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/230404-rome-colosseum-mn-0910-0967c9.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
af70a5a9316f6ba9469e45ab3418d30fe023d4d4107edad3caea4f2a875e0ada
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
2
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
194275419092922473646129618360929878841,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230404-rome-colosseum-mn-0910-0967c9.webp"
content-length
2164
x-served-by
cache-lga21932-LGA
last-modified
Tue, 04 Apr 2023 13:18:45 GMT
server
cloudinary
x-timer
S1680614997.337597,VS0,VE0
etag
"c0c8b434721fa1430e62aa518f4203f5"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31418142
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Wed, 03 Apr 2024 19:28:45 GMT
230212-chinese-balloon-jm-1703-ca1f5a.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-02/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-02/230212-chinese-balloon-jm-1703-ca1f5a.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
20dc8d709eb3b121879e4796822a5460bb32c8eb9b12d3e7917c76b0154b4cae
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
353031893074151730817850461021226687530,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230212-chinese-balloon-jm-1703-ca1f5a.webp"
content-length
2496
x-served-by
cache-iad-kjyo7100039-IAD
last-modified
Mon, 13 Feb 2023 16:21:17 GMT
server
cloudinary
x-timer
S1680519951.497333,VS0,VE1
etag
"de978c9ae3e0f776732986a0fe9fa68d"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31323229
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Tue, 02 Apr 2024 17:06:52 GMT
230405-dylan-mulvaney-bud-light-figma-mn-0920-214354.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/
2 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/230405-dylan-mulvaney-bud-light-figma-mn-0920-214354.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
cba3b26e237f6ee1546d0bae1325c19fcb0216fba7d01e99d3d1f63cc6ef20c4
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
241745277848185325078235951744932760222,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-dylan-mulvaney-bud-light-figma-mn-0920-214354.webp"
content-length
1736
x-served-by
cache-lga21931-LGA
last-modified
Wed, 05 Apr 2023 19:46:39 GMT
server
cloudinary
x-timer
S1680724147.517306,VS0,VE13
etag
"e6b1abd97573006ae671cd4a58217e8d"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31527324
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 01:48:27 GMT
230405-Juan-Merchan-trump-judge-mjf-1604-28f407.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/
1 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/230405-Juan-Merchan-trump-judge-mjf-1604-28f407.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
ab338808e940c1cf710c23ddd32cbca482dfc63fd64df682e4826c8db7477478
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
473259856971890689134409124143147799459,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230405-Juan-Merchan-trump-judge-mjf-1604-28f407.webp"
content-length
1106
x-served-by
cache-iad-kiad7000087-IAD
last-modified
Wed, 05 Apr 2023 21:32:33 GMT
server
cloudinary
x-timer
S1680731260.048457,VS0,VE1
etag
"329875599d4bb82551481cc04432486d"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534502
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 03:48:05 GMT
tdy_news_7a_cobiella_royals_230405-gwteep.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/
2 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/mpx/2704722219/2023_04/tdy_news_7a_cobiella_royals_230405-gwteep.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
58bf62a940c1cde0b3a0dad46d0b62b755e94f56f9e4ab12279622194a5a386a
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
331049894927305251240297028752825960013,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="tdy_news_7a_cobiella_royals_230405-gwteep.webp"
content-length
1944
x-request-id
08fd088784573c1fb75dc68ad96e13b8
x-served-by
cache-iad-kjyo7100089-IAD
last-modified
Wed, 05 Apr 2023 13:10:49 GMT
server
cloudinary
x-timer
S1680700300.966550,VS0,VE5
etag
"2d08d53087cc6b0730d3b65e56d3aa5e"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31503460
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Thu, 04 Apr 2024 19:10:43 GMT
230403-deepest-fish-mb-1002-bb98d8.png
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/
1 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/230403-deepest-fish-mb-1002-bb98d8.png
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
889a6a4c5ac6f761824dcb8ac9c979221901da1ca937dd0b4e8280626a943fa1
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
433415904744158552786545338169322913857,383046516653131471828242700182627839850,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230403-deepest-fish-mb-1002-bb98d8.webp"
content-length
1178
x-served-by
cache-iad-kjyo7100092-IAD
last-modified
Mon, 03 Apr 2023 15:30:14 GMT
server
cloudinary
x-timer
S1680589328.745612,VS0,VE2
etag
"6187262ec5ee3fb8b056d2b46a42162e"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31392494
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Wed, 03 Apr 2024 12:21:17 GMT
230404-donald-trump-indictment-arraignment-legal-analysis-jg-0f6233.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/
2 KB
2 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-04/230404-donald-trump-indictment-arraignment-legal-analysis-jg-0f6233.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
004d0290b2526af04cb9a520e41d62b4d02379857779ddcf4a31ad0749593a1b
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
185595576577275091866623399828295881783,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230404-donald-trump-indictment-arraignment-legal-analysis-jg-0f6233.webp"
content-length
2034
x-served-by
cache-iad-kiad7000077-IAD
last-modified
Wed, 05 Apr 2023 21:31:28 GMT
server
cloudinary
x-timer
S1680731464.979312,VS0,VE1
etag
"0eb3c6d78877c18a2734effc986739dd"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31534635
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 03:50:18 GMT
hfs-header.js
nodeassets.nbcnews.com/assets/header-footer/1.118.0/
19 KB
6 KB
Script
General
Full URL
https://nodeassets.nbcnews.com/assets/header-footer/1.118.0/hfs-header.js
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/ads.b1f2c549.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8aeddec286adac4df769c2ddc134390534f0ccb13d5dd4adc4995bb91785dc82
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
ctbuSeYV4CsqCyiLZK_8dp3uhZAhbj_N
content-encoding
br
date
Thu, 06 Apr 2023 04:13:04 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
1XRQY8934JTCK9BQ
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14943653_19_3987_6_0";dur=1
content-length
5943
x-amz-id-2
X5szp69vQcZzxRCANr9Scf/CmLMgfbiRAaUqtStBCTD1GFE0YklrPPnJ9KWMlN9W837ArGnMxxE=
last-modified
Thu, 30 Mar 2023 16:30:41 GMT
server
AmazonS3
etag
"6ed6191a7178e5546e5a6276a97ae902"
content-type
text/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:04 GMT
loader.js
cdn.taboola.com/libtrc/nbcnews/
629 KB
67 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/nbcnews/loader.js
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/ads.b1f2c549.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63ee6c6cf034af913a873e9d64304db9e3baef9b1ee53d2378b4694e66e4ecfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
SnT_Qs7NCfYpHJ73RKLYWowNCHLFaQ6l
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:04 GMT
x-amz-request-id
FV7HFWAXC45MREEF
age
145
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
67939
x-amz-id-2
jKJa51Wk/DsCqyQn7xW0ugIbPgAm2NQUC04Icx/BA43sOsBjPzbu7DowQoWw8IkkfsXqG1datYk=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:46:57 GMT
server
AmazonS3
x-timer
S1680754384.324594,VS0,VE1
etag
"9240c1deee03bbf4ba780290f18d62f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
82
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
select.svg
nodeassets.nbcnews.com/cdnassets/logos/select/
5 KB
3 KB
Image
General
Full URL
https://nodeassets.nbcnews.com/cdnassets/logos/select/select.svg
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/css/7af26e3a52eb36fd.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aeea97b165c6d67b516aea972a615e5ad65eca5e88d2663e701da80d6ea676a3
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nodeassets.nbcnews.com/_next/static/css/7af26e3a52eb36fd.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
Fhyh0wd1v9qoscf7A2egAy_TA1ih0lTM
content-encoding
br
date
Thu, 06 Apr 2023 04:13:04 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
HJ5GESKY5QF9K2XQ
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="466876_389993759_14943669_975_4188_6_0";dur=1
content-length
2128
x-amz-id-2
nIWGG5i/E6/C6SuN0o8LRp4UlbFwuE2GAhiKNuAU/c0zEnILXO45i4AMMrXLa6V2MigU78omUaA=
last-modified
Thu, 30 Sep 2021 21:16:34 GMT
server
AmazonS3
etag
"ffda2eab0c8edfe14cc9d5b48b7db3d7"
content-type
image/svg+xml
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:04 GMT
sigma.html
user.subsystemsselv.tk/ Frame BF3A
5 MB
1 MB
Document
General
Full URL
https://user.subsystemsselv.tk/sigma.html?stream=NEWS_NOW&mvpdHash=&mpid=9f67abda-d9a0-467e-a01a-40d5a9ad388f&timestamp=1680754310907&usPrivacy=1---&autoplay=true&mutedAutoplay=true&token_Widevine=fbd7a5ec8946dcbd280c6adc7cd2d9edad415035b228ed405061e66a85af671c&token_Fairplay=334124df071ecd2d04d604ec8f5b85661671be6dfc4ca12ef484591fc1e54428&token_PlayReady=6e2ba810f3edc5d8f79b9334a8479c6c80777124bd8f232ff8d624bbdb17a08b&initialWidth=260&childId=core-video&parentTitle=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&parentUrl=https%3A%2F%2Fuser.subsystemsselv.tk%2F
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/3852-ce0f08b5d191a986.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.227.196.57 Chicago, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-227-196-57.static.hvvc.us
Software
nginx/1.22.1 / Express
Resource Hash
5c63d9b104a33e3ace3daf979afc0acc81f09774fafad895cd77a36aa833495a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://user.subsystemsselv.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-encoding
br
content-language
en
content-length
1396511
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Thu, 06 Apr 2023 04:13:04 GMT
etag
W/"54fdff-18752f1ebd8"
last-modified
Wed, 05 Apr 2023 19:43:19 GMT
server
nginx/1.22.1
strict-transport-security
max-age=2628000 ; preload
x-backend-server
green-ramen2-68dccb5867-xzfmm
x-powered-by
Express
nbcnews21.jpg
sprtsecureassets.akamaized.net/operations/slates/
296 KB
297 KB
Image
General
Full URL
https://sprtsecureassets.akamaized.net/operations/slates/nbcnews21.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:480:f::213:7ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b5848434607a7498332c7482dc048070d09751df72ca7e268050b8f60a22cd83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 06 Apr 2023 04:13:04 GMT
Last-Modified
Tue, 09 Nov 2021 16:35:39 GMT
Server
AkamaiNetStorage
ETag
"bde99618568d01d804bce3a641b251ce:1636475739.437156"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
303213
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
broadcastSchedules
www.nbcnews.com/bentoapi/
10 KB
1 KB
Fetch
General
Full URL
https://www.nbcnews.com/bentoapi/broadcastSchedules
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/3502-47fff04d7b6232ed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:58f::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
c80811682890bc851521c2ec9b34650fda42174c4bcc33f3f0c4ef142a2ba416
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:04 GMT
content-encoding
br
strict-transport-security
max-age=2628000 ; preload
server
nginx
content-security-policy
upgrade-insecure-requests;
x-powered-by
Express
etag
W/"29d6-ZL03AFU4PPiXJ0C0Qx6Qqun77ks"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-language
en
cache-control
max-age=48
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-backend-server
green-ramen2-55c5f5444-xpfsb
content-length
1023
230120-thinning-hair-kb-1x1.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/newscms/2023_04/3591393/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/newscms/2023_04/3591393/230120-thinning-hair-kb-1x1.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
88272b5d03b2c8eaae58a1f5bbdebda773fc69b25b6917b5cb5b3b7c4c798ce0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:04 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
424231824423336253305527577950844085337,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition
inline; filename="230120-thinning-hair-kb-1x1.webp"
content-length
2138
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Mon, 23 Jan 2023 14:49:04 GMT
server
cloudinary
x-timer
S1680728231.895281,VS0,VE1
etag
"8c2f4364b26cd6f623cee9f2012c2a3a"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31531434
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 02:56:58 GMT
230404-flowers-mothers-day-kb-1x1.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/newscms/2023_14/3601456/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/newscms/2023_14/3601456/230404-flowers-mothers-day-kb-1x1.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
569f737437cb1189eb746c9157a46317f35ff7fe03220fa64090ddf84d9e1b6c
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
1
date
Thu, 06 Apr 2023 04:13:04 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
364978270427816455339394304129145783350,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230404-flowers-mothers-day-kb-1x1.webp"
content-length
2406
x-request-id
6a7b6adab56a90c29a74bc6532d1085c
x-served-by
cache-iad-kiad7000056-IAD
last-modified
Wed, 05 Apr 2023 20:49:13 GMT
server
cloudinary
x-timer
S1680728242.858522,VS0,VE1
etag
"3400ca86c9d1f8bae89688ad75d479ef"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31531494
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 02:57:58 GMT
230405-gardening-tools-vl-1x1.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/newscms/2023_14/3601593/
2 KB
3 KB
Image
General
Full URL
https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/newscms/2023_14/3601593/230405-gardening-tools-vl-1x1.jpg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:6b1::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
cloudinary /
Resource Hash
9feeee1cd462d6006e1a88d494a55210e312749abf6c8ee3a8f640fa8d97ea8d
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
2
date
Thu, 06 Apr 2023 04:13:04 GMT
strict-transport-security
max-age=2628000 ; preload
cache-tag
488998026781094736511600340105958260410,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
status
200 OK
content-disposition
inline; filename="230405-gardening-tools-vl-1x1.webp"
content-length
2524
x-request-id
88f5721e2803066edfbbdb303ce2c2f3
x-served-by
cache-lga21970-LGA
last-modified
Wed, 05 Apr 2023 19:42:36 GMT
server
cloudinary
x-timer
S1680723938.187768,VS0,VE0
etag
"dbdb40b0a3ddb8d091ed5497bb428305"
content-type
image/webp
access-control-allow-origin
*
cache-control
public, private, max-age=31527068
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
expires
Fri, 05 Apr 2024 01:44:12 GMT
news
user.subsystemsselv.tk/services/miniPlayerTease/
825 B
988 B
Fetch
General
Full URL
https://user.subsystemsselv.tk/services/miniPlayerTease/news
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-5209fc2fe6616675.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.227.196.57 Chicago, United States, ASN29802 (HVC-AS, US),
Reverse DNS
23-227-196-57.static.hvvc.us
Software
nginx/1.22.1 / Express
Resource Hash
501abf1de8aa3888c7aae30cf5fe4244e943231f7a6d4bc88ae5949a9df67971
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload

Request headers

Referer
https://user.subsystemsselv.tk/
x-original-correlation-id
undefined
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:04 GMT
content-encoding
gzip
strict-transport-security
max-age=2628000 ; preload
server
nginx/1.22.1
content-security-policy
upgrade-insecure-requests;
x-powered-by
Express
etag
W/"339-TPEF5TFoGLfD6OgmFeIucaWXktg"
vary
Accept-Encoding
content-language
en
content-type
application/json; charset=utf-8
x-backend-server
green-ramen2-55c5f5444-xpfsb
content-length
510
load.js
widget.perfectmarket.com/nbcnews/
4 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/nbcnews/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40d387d2577430684856fccdd2491decb82ace5d4a302710772935ef05e8a79b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
Aj5.V_AdAkulS6AG1wi09lbD8waSnbd2
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 06 Apr 2023 04:13:04 GMT
x-amz-request-id
YVVWNWX1W4PCY9T6
age
253
x-cache
HIT, HIT
content-length
1342
x-amz-id-2
AqMXU4HD6w65AWYVbzpCVgq/DOvE7p31XMAjYnEZN5VpK23s047S0X1zQT1jKqxd+JHbKBD4Bn8=
x-served-by
cache-bur-kbur8200072-BUR, cache-fra-eddf8230110-FRA
last-modified
Wed, 30 Jun 2021 08:01:43 GMT
server
AmazonS3
x-timer
S1680754385.545351,VS0,VE1
etag
"70b070adb8bca75cd4f9cd60465bb8df"
vary
Accept-Encoding,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-cache-hits
1575, 1
impl.20230404-24-RELEASE.js
cdn.taboola.com/libtrc/
740 KB
155 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7b8229a042f170d262a77b93bc514a56ec5b4fdbd28aa4aa9daa26ff30cb7835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
gBeDEqA0ENZs_Jg2tNErKtKvtzRGRtvU
content-encoding
br
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:04 GMT
x-amz-request-id
WVQC1P8Y4C0YG67C
age
20772
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
158174
x-amz-id-2
WA7XuHQngHRvnsmQZcUCCqJzslfKdgy16m1adOZYTZwKBDq1exDvzNMy8NIH9py22Wr0P5tMDIs=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:26:46 GMT
server
AmazonS3-br
x-timer
S1680754385.527532,VS0,VE0
etag
"90b5ad8ffd23e16f7d9108ca4ba3acc2"
vary
Accept-Encoding
content-type
application/javascript
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
14771
beacon.js
sb.scorecardresearch.com/
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 06:30:31 GMT
content-encoding
gzip
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
last-modified
Thu, 09 Mar 2023 09:22:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
78154
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
da_wr67p3_Ry3tL1jmkOzV09kY8QyQWQVq418vU2ROy102AIMcYPqA==
pmk-202010011.64.js
widget.perfectmarket.com/nbcnews/
89 KB
25 KB
Script
General
Full URL
https://widget.perfectmarket.com/nbcnews/pmk-202010011.64.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/nbcnews/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d14bf5026c7295be75d26ef54efff9366bfe9a67e01b96483259a5845138803

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
iMsSQw.DMCTyDHmYCPQonMbiKRjpXz7z
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Thu, 06 Apr 2023 04:13:04 GMT
x-amz-request-id
NYP9EB1HF2Y3G24N
age
1707511
x-cache
HIT, HIT, HIT
content-length
24731
x-amz-id-2
0pNb3SNH2hUowZ9hjoKw5S/XA0SECsDM5PLtxnxyS/TAGdpf8Aokc9cZd7JtA/OsNBWvaxjjHro=
x-served-by
cache-lax10623-LGB, cache-bur-kbur8200157-BUR, cache-fra-eddf8230110-FRA
last-modified
Wed, 30 Jun 2021 08:01:43 GMT
server
AmazonS3
x-timer
S1680754385.559619,VS0,VE0
etag
"40de78c28bbd20304793d990240ab2e7"
vary
Accept-Encoding,,,
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
7105, 4518, 2
b
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1680754384559&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fuser.subsystemsselv.tk%2F&c8=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&c9=
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:04 GMT
via
1.1 d954dd318e06aa0e69375f36dcd819de.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
unXpGopgVcy1-w4EI0e5B_VfkOTk0usCOzP1yIwZ0D5u1hIRGQkXWg==
x-cache
Miss from cloudfront
sync
gum.criteo.com/
46 B
303 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
326470
expires
60
json
trc.taboola.com/nbcnews/trc/3/
94 KB
26 KB
XHR
General
Full URL
https://trc.taboola.com/nbcnews/trc/3/json?tim=04%3A13%3A04.589&lti=deflated&data=%7B%22id%22%3A15%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1680619589771%2C%22vi%22%3A1680754384586%2C%22cv%22%3A%2220230404-24-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nbcnews.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fuser.subsystemsselv.tk%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8066%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-q%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A7706.859375%2C%22mw%22%3A1160%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-r%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Text%20Link%20-%20Bento%22%2C%22orig_uip%22%3A%22Homepage%20Text%20Link%20-%20Bento%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-q%3Aabp%3D0%2C%2CHomepage%20Text%20Link%20-%20Bento%3Dthumbnails-r%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cc6529e14d173febf0d82fbded626e054f9661168837669e0e5205038a60cf8a

Request headers

Referer
https://user.subsystemsselv.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
377
date
Thu, 06 Apr 2023 04:13:04 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230044-FRA
server
nginx
x-timer
S1680754385.597639,VS0,VE377
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://user.subsystemsselv.tk
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.9/
111 KB
31 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2743695
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
30995
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Sun, 05 Mar 2023 10:04:45 GMT
server
AmazonS3
x-timer
S1680754385.003151,VS0,VE0
etag
"c04a240008c67910556582d1bf159ad7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hb8k5qTx84vjvnZKLEByyGLQ8mj--ue9G2l1Fxf9ze3Xeud14VgcLA==
x-cache-hits
50866
feed-card-placeholder.20230404-24-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230404-24-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
756cdd0fa45963854a07e5b5294bc991d0028831056056766192a50e3c348923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
adKtrJ.eCryar3CNZvhndprpjhGn5Wdp
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:05 GMT
x-amz-request-id
AW5G22A1V4218V5T
age
135358
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1263
x-amz-id-2
T2NYC5048mR+mLz0RrIAlPi6bVVV6ZtxuxwFJ2e2w9gI2ieZzMp9t07VP5yHwgdyIMO4MgU+K6c=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:37:07 GMT
server
AmazonS3
x-timer
S1680754385.031258,VS0,VE0
etag
"350aeafb5307ebcec68a43d4c2c6a379"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
224245
cta-component.20230404-24-RELEASE.es6.js
cdn.taboola.com/libtrc/
19 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230404-24-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2eba0c668c4cf3ca9b2c3033bea44179f78811976dd0fc2d0568a3a822d28663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
myLf.5ow00.fubh0j9CvfMRM9klT2iGI
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:05 GMT
x-amz-request-id
7BE37QYNQSNMMHYN
age
135376
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4739
x-amz-id-2
e1CupWGahrs+//GA2B33VoZ6Es8CnJdVvUYPEeMiA4hwV1v0S5x74q3QIuvwsDmp1w+txru9U0I=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:36:49 GMT
server
AmazonS3
x-timer
S1680754385.047247,VS0,VE0
etag
"16348ba0782e03d5b38390d77f5f79af"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
213510
userx.20230404-24-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20230404-24-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94e25a4cbb905f5c59751999c7f2e02e2141e2dd71fd7ed52d493c394e56523b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
m2dv36SJb4O6X0aqffRTbo8YE2yPodG6
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:05 GMT
x-amz-request-id
WMFST8VKQPN18YRP
age
135284
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
2+2V5ospOQfdEz/jNzm0YLsbTr9WMkMsZGUTcGMHi5X4h/jgbHY8YyGVJD2RnlUSM0+Ij7bFiIg=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:38:20 GMT
server
AmazonS3
x-timer
S1680754385.049180,VS0,VE0
etag
"099d476c2a4b3722525fe1b627f3aed8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
46994
distance-from-article.20230404-24-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230404-24-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c56246e8ed44c3b03690c7f3bb7e3c6f9a0044c34dcc8b2fc5d5bf51ee28a01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
BU1PAEH_9dvtarP_LzbBeDu3mMyN0.Jy
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:05 GMT
x-amz-request-id
J54GSNAP73ANNWG6
age
135372
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1013
x-amz-id-2
j+gb5CSoF3RhcJc4Brf4Hd+i4luXqQvGvjhIXFhQ9QFZNqQzOExfRqleqSkXvsMgHgRWCNIxb4w=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:36:53 GMT
server
AmazonS3
x-timer
S1680754385.049850,VS0,VE0
etag
"e7e80667207c4535fdb22ad986e8f580"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
66784
article-detection.20230404-24-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230404-24-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa9332df86ab0e526394d968020a7cee7da13ecbc46fc2b0ca9af5ad21e64757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
_TIeezvLunF8ezg3QF08Bj3i3Kl9MM_0
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:05 GMT
x-amz-request-id
9R3CZVKMQ2PPVC56
age
135390
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1236
x-amz-id-2
NiyyGDJLdr1+S6lH8yjH//gid1PrEd84DTBQ/kTD/PajowyI7d0x45uKTtJntf7D3NymHDVcb0g=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:36:35 GMT
server
AmazonS3
x-timer
S1680754385.050466,VS0,VE0
etag
"316a75c7ee26e727e643fd02f4db9432"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
66721
abtests
trc.taboola.com/nbcnews/log/3/
0
273 B
Ping
General
Full URL
https://trc.taboola.com/nbcnews/log/3/abtests?route=AM:AM:V&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1680754385078%7D&tim=04%3A13%3A05.078&id=108&llvl=2&ri=6aaef77156d0374793f7829852e6f022&sd=v2_3125dad934042fd5672f8a7d574db108_d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50_1680754384_1680754384_CIi3jgYQvNg9GMq9kqb1MCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABozq3NxKCqkvbKAXAA&ui=d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50&pi=/&wi=1158825678318793646&pt=home&vi=1680754384586&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:05 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230044-FRA
server
nginx
x-timer
S1680754385.079859,VS0,VE8
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://user.subsystemsselv.tk
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
am-trc-events.taboola.com/nbcnews/log/3/
0
231 B
Image
General
Full URL
https://am-trc-events.taboola.com/nbcnews/log/3/abtests?route=AM:AM:V&lti=deflated&ri=6aaef77156d0374793f7829852e6f022&sd=v2_3125dad934042fd5672f8a7d574db108_d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50_1680754384_1680754384_CIi3jgYQvNg9GMq9kqb1MCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABozq3NxKCqkvbKAXAA&ui=d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50&pi=/&wi=1158825678318793646&pt=home&vi=1680754384586&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1680754385039%7D&tim=04%3A13%3A05.039&id=3666&llvl=2&cv=20230404-24-RELEASE&
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:05 GMT
x-amz-request-id
YCPN939ZR6JJT6WN
age
44
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
yzGHlw/rdsJZxfwjmgR6mRS1ezwFJNkMwxyepEPhwn4b63VEpi0BN5pw+o7ibBuFdbDoYdZBCes=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1680754385.100981,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
71
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
40
social
am-trc-events.taboola.com/nbcnews/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/nbcnews/log/3/social?route=AM:AM:V&lti=deflated&ri=6aaef77156d0374793f7829852e6f022&sd=v2_3125dad934042fd5672f8a7d574db108_d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50_1680754384_1680754384_CIi3jgYQvNg9GMq9kqb1MCABKAEwODib4wlAiYoQSMOz2QNQ____________AVgAYABozq3NxKCqkvbKAXAA&ui=d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50&pi=/&wi=1158825678318793646&pt=home&vi=1680754384586&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fuser.subsystemsselv.tk%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fmedia4.s-nbcnews.com%2Fi%2Fnewscms%2F2019_01%2F2705191%2Fnbc-social-default_b6fa4fef0d31ca7e8bc7ff6d117ca9f4.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=04%3A13%3A05.096&id=8081&llvl=2&cv=20230404-24-RELEASE&
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
freewheel-params
video-ads-module.ad-tech.nbcuni.com/v1/ Frame BF3A
2 KB
2 KB
Fetch
General
Full URL
https://video-ads-module.ad-tech.nbcuni.com/v1/freewheel-params?appName=nbcnews&appBrand=nbcnews&appBundleId=com.nbcnews.tvx&appBuild=1.0.1&sdkName=core-video-sdk-js&sdkVersion=2.10.2-nbcnews.hotfix.1&playerVersion=v3.0.5-v53&isMiniPlayer=false&mvpdHash=&coppaApplies=false&deviceAdvertisingTrackingConsent=true&mParticleId=9f67abda-d9a0-467e-a01a-40d5a9ad388f&usPrivacy=1---&httpUserAgent=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F111.0.5563.146%20safari%2F537.36&videoDurationInSeconds=600&streamType=linear&adCompatibilityEncodingProfile=am_abrspec&brightlineEnabled=false&channelName=nbc_news_now&platform=web&appVersion=1.0.1&playerHeightPixels=1080&playerWidthPixels=1920&variantId=mediatailor
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/sigma.html?stream=NEWS_NOW&mvpdHash=&mpid=9f67abda-d9a0-467e-a01a-40d5a9ad388f&timestamp=1680754310907&usPrivacy=1---&autoplay=true&mutedAutoplay=true&token_Widevine=fbd7a5ec8946dcbd280c6adc7cd2d9edad415035b228ed405061e66a85af671c&token_Fairplay=334124df071ecd2d04d604ec8f5b85661671be6dfc4ca12ef484591fc1e54428&token_PlayReady=6e2ba810f3edc5d8f79b9334a8479c6c80777124bd8f232ff8d624bbdb17a08b&initialWidth=260&childId=core-video&parentTitle=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&parentUrl=https%3A%2F%2Fuser.subsystemsselv.tk%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:e::1732:834c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ae98779a2dfd22776c827c5252852ccec48f051b3deeb63f7100975091efe850
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Thu, 06 Apr 2023 04:13:05 GMT
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
1587
x-xss-protection
0
referrer-policy
no-referrer
etag
W/"633-6PZS7iP5WsWJn7RqtQY6H/BBH1U"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
access-control-allow-credentials
true
/
mps.nbcuni.com/request/page/json/params/
44 KB
12 KB
XHR
General
Full URL
https://mps.nbcuni.com/request/page/json/params/?CALLBACK=mpsCallback&cat=homepage&cag%5Bplatform%5D=ramen&cag%5Btargeting%5D=nbcnews%7Chomepage&adunit=%2F2620%2Fnbcnews%2Fhomepage&type=bentofront&content_id=homepage&site=nbcnews-bento&path=%2F&cag%5Badunit1%5D=2620&cag%5Badunit2%5D=nbcnews&cag%5Badunit3%5D=homepage&title=NBC%20News%20-%20Breaking%20News%20%20Top%20Stories%20-%20Latest%20World%20US%20%20Local%20News%20%20NBC%20News&ismobile=false&NOLOAD=mpstools&USE_OVERLAY=0&IRSOURCE=false&ASYNC=1
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash
da61d8b5bad5d2548301f0faa02e7ef79eff99fa7e541fd72ed8a24e4300fd56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Apr 2023 04:13:05 GMT
Content-Encoding
gzip
Server
Apache/2.4.38 (Debian)
X-Powered-By
PHP/7.1.33
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
11571
Expires
Thu, 06 Apr 2023 04:13:05 GMT
st
imprammp.taboola.com/ Frame 06CC
529 B
443 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&cmcv=&pix=undefined&cb=1680754385772&uv=3265&tms=1680754385772&abt=nonrv_vA!rv0lcr_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7c9caefb-106c-4578-9b6e-aa06f88b31e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6a3e66c8af45914c313cbc1401c93e27bd63339b3ea769ca2a4f1413095feb6

Request headers

Referer
https://user.subsystemsselv.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 06 Apr 2023 04:13:05 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230044-FRA
x-timer
S1680754386.776146,VS0,VE12
sync
am-match.taboola.com/ Frame 78D7
529 B
614 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d6a3e66c8af45914c313cbc1401c93e27bd63339b3ea769ca2a4f1413095feb6

Request headers

Referer
https://user.subsystemsselv.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 06 Apr 2023 04:13:05 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&cmcv=&pix=31589837&cb=1680754385772&uv=3265&tms=1680754385772&abt=nonrv_vA!rv0lcr_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1680754382802.2!ts:1680754385772&mntl=1
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
content-length
0
server
nginx
gpt.js
securepubads.g.doubleclick.net/tag/js/
77 KB
26 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f59f0970a83f8e48c69a140fe8f69664ee622cc6657ced25dc6d9395f21551d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25655
x-xss-protection
0
server
cafe
etag
690 / 19453 / m202303300101 / config-hash: 10004049301988528966
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 06 Apr 2023 04:13:05 GMT
generic
match.adsrvr.org/track/cmf/ Frame 06CC
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&cmcv=&pix=undefined&cb=1680754385772&uv=3265&tms=1680754385772&abt=nonrv_vA!rv0lcr_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7c9caefb-106c-4578-9b6e-aa06f88b31e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 06CC
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&cmcv=&pix=undefined&cb=1680754385772&uv=3265&tms=1680754385772&abt=nonrv_vA!rv0lcr_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7c9caefb-106c-4578-9b6e-aa06f88b31e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:a2bd:f7af:253c:4fd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
moatheader.js
z.moatads.com/nbcuyieldheader7581548001/
226 KB
80 KB
Script
General
Full URL
https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7aec81d128c0c8c74c253e848d2f18c282640481ac96d2a7c26858df35156685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
content-encoding
gzip
last-modified
Tue, 04 Apr 2023 14:00:19 GMT
server
AmazonS3
x-amz-request-id
PT35F7151TJTP6M7
etag
"67cdf8bde11f8eaf6f7e19a8b9de0837"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=21720
accept-ranges
bytes
content-length
81195
x-amz-id-2
Pu1Eb132vOdzu9Q9bDcMUVw7WIVCRYRBGQ8U3waX1UDOHOjmQ5z9RJnK+Dgm5A8wX9PW6ViltejG1+g9ZNaJS7WeJTsiU7PLB3sV1OLToVE=
apstag.js
c.amazon-adsystem.com/aax2/
224 KB
55 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 03:20:25 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified
Wed, 05 Apr 2023 20:18:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
3161
x-amz-server-side-encryption
AES256
etag
W/"f3bdba5d8011fb0ade3d89050f53abe7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
gm9BFVuIToXVhtSz-gbqGpFfsd9XWieYNy2OuAj3qWtyCan4FgkmkA==
service
usasync01.admantx.com/admantx/
64 B
209 B
Script
General
Full URL
https://usasync01.admantx.com/admantx/service?request=%7B%22decorator%22%3A%22template.nbc_template%22%2C%22key%22%3A%2262263fff3cc1d07f85c7f8261a0c8f7dc096b35f59c82a713f20a9db8d562ff2%22%2C%22method%22%3A%22descriptor%22%2C%22filter%22%3A%22default%22%2C%22mode%22%3A%22async%22%2C%22type%22%3A%22URL%22%2C%22body%22%3A%22https%3A%2F%2Fuser.subsystemsselv.tk%2F%22%7D
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.30.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-30-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8a3182656fd57804a9fa5a9913e6d9115a8a9c39092c9372b346d6fa26fc76c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 06 Apr 2023 04:13:06 GMT
strict-transport-security
max-age=31536000
server
nginx
content-length
64
content-type
text/plain; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 3D34
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&cmcv=&pix=undefined&cb=1680754385772&uv=3265&tms=1680754385772&abt=nonrv_vA!rv0lcr_vA!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=7c9caefb-106c-4578-9b6e-aa06f88b31e4&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 06 Apr 2023 04:13:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 78D7
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 78D7
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:a2bd:f7af:253c:4fd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame F0A9
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8c-YCLAYQWnxEfD2QUBEgtPiI-HogoSoAAABgYID-AMltnBuHy2ZxKwazjVu02g3Xyolt5VY4DLOZcTjxLFamISC5jXPjcNksbsVgtnGLVrvhWjmxrdwKh2E2Mw4nnsXKNAUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0w0HQ6fK57ve73u8stHrvL97lr_G6_HAAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAAxaGgHU679R8AAAAAQAAAAACQABgAuywB0MFdceL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GFLDwYjgpEbwTqSgtggjAAAAALnVm5FHJukEFYsq_____VYArgAABBxSEX8SZNEdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRCSQk-aoIHCDzW_gAAAa34BAQDYjBsAgDcCcIKOga0Wo9lwdQZwuJwdAAAAgDv_____ekBmMVmNHCbnZjQYTWYm12w3mRkXvpFrNxpZHIPh9nT0Uu-JJ8Q69hERltnvOwj5bpfh4XMZREXX22J3OM2eg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwOxWAzQRAyWy8lkMdmtRqvRZrgbzQYLJBCDCaJo0WCyGo0mi8lwNZqsZsvFbrdBFK1azUabwXA1m8x2u9VwMFyORmjCFqPVZLJZDmfLxWQwHA1HoyGCIcNk5rEsF26VxWNzi0YL11o5W67WItfMsFnMFi7DyrUWvT6mi2W38bgGWyQYwLEXydMinSgMM-Nk5tktPBbjZOIcrIabycK0Wk02xt1yZRhNxBLNySKdyC77zmKyGjlMzs1oMJrMTK7ZbjIzLnwj1240sjgGw33JMJl5LMuFW2Xx2Nyi0cK1Vs6Wq7XINTNsFrOFy7ByrUWvj-li2W08rsG-MRsOdqvRZjjaN2bDwW412gxH-w6T6Zn6nI3anefcsRnPrePiWHMYFC6DxfuTmBbT7uxgOvuOTptPvSzqjH6_3-_3-_1-v99v0HoOZoPCtz4-c-KXw_jaLl4GscGgiCWCi3Qit3jsLt_nIpYoTRfpRF_0u12Gh8_lr4glgtNFOhH63S6L-o8eYriaSxabuWK1mitGq1UCAAAAAAAAALAE00w3AQAAAHAykMlis1mt00EsV7PhcLVcAA9sPLp-xrvI6A5xB3dBUORDQyrPuxZr7LEDt3jsLt_nygAeyrqYbfYZQazValkDAAAQwAYAABDATTfeBKRQcf_____jAAAAyMihBwAAQL8PqGp4ZmZmZoZfQQxWw8n-AUgQa7Va!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 06 Apr 2023 04:13:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
config
c.amazon-adsystem.com/cdn/prod/
0
308 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3219&u=https%3A%2F%2Fuser.subsystemsselv.tk
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:05 GMT
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
access-control-allow-origin
https://user.subsystemsselv.tk
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
MnmonQ4bm2VBVAjYJJa7OrRxAguSWg7MN7PXsJaCIfv_G35EniiNoA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:07 GMT
x-amz-version-id
F_FDbbUyUmFtmAPMghF.UJjGVPnjBMtx
content-encoding
gzip
via
1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Mon, 03 Apr 2023 21:14:40 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
tv5qC2UL1ZqdacFNm6TE1A54-QuyJ7mpzaM7M5OhB78kQpwYfqmw2Q==
v2
mb.moatads.com/yi/
233 B
407 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3MH%3Cy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WB9CBj0bTnpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-qwUb5sLyVy50og%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fuser.subsystemsselv.tk%2F&pcode=nbcuyieldheader7581548001&rx=13261066034&callback=MoatNadoAllJsonpRequest_95552745
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.113.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-113-137.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
f0297d7e8d2c94e730b6297447007cf92fdc2417dd76d11535cf047cda107302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"8ebaebfd248db3b393807f292ea9cb82a5476add"
content-length
233
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame 3D34
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c7371b0d7e6389c5389f848a3727264fa31e6ce3a922dc347cd2501754e0e289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 06 Apr 2023 04:13:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 20:10:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57356
Connection
keep-alive
Content-Length
10016
Expires
Thu, 06 Apr 2023 20:09:01 GMT
usync.js
eus.rubiconproject.com/ Frame F0A9
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c7371b0d7e6389c5389f848a3727264fa31e6ce3a922dc347cd2501754e0e289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 06 Apr 2023 04:13:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Apr 2023 20:10:04 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57356
Connection
keep-alive
Content-Length
10016
Expires
Thu, 06 Apr 2023 20:09:01 GMT
khaos.jpg
token.rubiconproject.com/ Frame 3D34
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame F0A9
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
master.mpd
mt.ssai-oneapp.nbcuni.com/Content/CMAF_OL1-CTR-4s/Live/channel(nnn)/ Frame BF3A
492 B
886 B
Fetch
General
Full URL
https://mt.ssai-oneapp.nbcuni.com/Content/CMAF_OL1-CTR-4s/Live/channel(nnn)/master.mpd?mt.config=nbcnews-dash-linear-4s-generic
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/sigma.html?stream=NEWS_NOW&mvpdHash=&mpid=9f67abda-d9a0-467e-a01a-40d5a9ad388f&timestamp=1680754310907&usPrivacy=1---&autoplay=true&mutedAutoplay=true&token_Widevine=fbd7a5ec8946dcbd280c6adc7cd2d9edad415035b228ed405061e66a85af671c&token_Fairplay=334124df071ecd2d04d604ec8f5b85661671be6dfc4ca12ef484591fc1e54428&token_PlayReady=6e2ba810f3edc5d8f79b9334a8479c6c80777124bd8f232ff8d624bbdb17a08b&initialWidth=260&childId=core-video&parentTitle=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&parentUrl=https%3A%2F%2Fuser.subsystemsselv.tk%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:a:768a:2640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
62338f03a657ac94480b68d20aeae00e0e44e9a7c95c390461d3c6bda3bc0be1

Request headers

Referer
https://user.subsystemsselv.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://user.subsystemsselv.tk
x-cache
LambdaGeneratedResponse from cloudfront
cache-control
max-age=0
access-control-allow-headers
Content-Type
content-length
492
x-amz-cf-id
FP7X--NQXc10QS1sW-VQ2mOgavQCI_tm5IjzBNzgwMtl3ZFO5Vc2lA==
master.mpd
mt.ssai-oneapp.nbcuni.com/Content/CMAF_OL1-CTR-4s/Live/channel(nnn)/ Frame
0
0
Preflight
General
Full URL
https://mt.ssai-oneapp.nbcuni.com/Content/CMAF_OL1-CTR-4s/Live/channel(nnn)/master.mpd?mt.config=nbcnews-dash-linear-4s-generic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:3c00:a:768a:2640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://user.subsystemsselv.tk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://user.subsystemsselv.tk
date
Thu, 06 Apr 2023 04:13:06 GMT
server
CloudFront
via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-id
OmIm7bCUMSP4WtSWSmImrF6yHoEvqXTyz_vvwlOvLPr4EF2VEhMllg==
x-amz-cf-pop
FRA50-C1
x-cache
LambdaGeneratedResponse from cloudfront
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 3D34
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/
397 KB
123 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 15:12:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
46810
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125910
x-xss-protection
0
server
cafe
etag
14470834828239977126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 04 Apr 2024 15:12:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
44 B
71 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=user.subsystemsselv.tk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8754a4a3a6da1cb7a8db367e680349d8a0880d4c94739c4b12cdbf54b80344e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
x-xss-protection
0
expires
Thu, 06 Apr 2023 04:13:06 GMT
bulk
trc.taboola.com/nbcnews/log/3/
0
295 B
XHR
General
Full URL
https://trc.taboola.com/nbcnews/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=5
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user.subsystemsselv.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:06 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230044-FRA
server
nginx
x-timer
S1680754386.108988,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://user.subsystemsselv.tk
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 3D34
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
token
token.rubiconproject.com/ Frame 3D34
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3D34
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Apr 2023 04:13:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Apr 2023 04:13:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=1&us_privacy=1---&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3D34
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&gdpr=1&us_privacy=1---&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMlD58TEuGchQm-Em0AxXKE&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMlD58TEuGchQm-Em0AxXKE&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 06 Apr 2023 04:13:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEMlD58TEuGchQm-Em0AxXKE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3D34
Redirect Chain
  • https://rcp.c.appier.net/rbcm?gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=m5s5q4OODv-RZosJ00YuZA&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=m5s5q4OODv-RZosJ00YuZA&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=70596&nid=3632&put=m5s5q4OODv-RZosJ00YuZA&expires=365
date
Thu, 06 Apr 2023 04:13:07 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
131
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
rubicon
tr.blismedia.com/v1/api/sync/ Frame 3D34
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
x.bidswitch.net/ Frame 3D34
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=rubicon&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.240.245 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-240-245.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 3D34
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7019642e-46d2-4c00-adf8-e6917314bee1&gdpr=1&gdpr_consent=
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7019642e-46d2-4c00-adf8-e6917314bee1&gdpr=1&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Date
Thu, 06 Apr 2023 04:13:06 GMT
Server
MT3 776 936c8db master cdg-pixel-x27 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=7019642e-46d2-4c00-adf8-e6917314bee1&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 06 Apr 2023 04:13:05 GMT
24610.js
micro.rubiconproject.com/prebid/dynamic/
147 KB
46 KB
Script
General
Full URL
https://micro.rubiconproject.com/prebid/dynamic/24610.js
Requested by
Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
868363ef2870b0754aff551f47a8058255af7768783bbc152711cd4552fb7f0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
content-encoding
gzip
last-modified
Mon, 26 Jul 2021 15:32:58 GMT
server
Apache
vary
accept-encoding, referer
edge-cache-tag
prod-prebid-No.Wrapper.js
content-type
text/javascript
cache-control
public, must-revalidate, max-age=14400
content-length
47219
expires
Thu, 06 Apr 2023 22:16:05 GMT
bid
aax.amazon-adsystem.com/e/dtb/
23 B
469 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3219&u=https%3A%2F%2Fuser.subsystemsselv.tk%2F&pid=MXWJRO9Qk3VzH&cb=0&ws=1600x1200&v=23.331.1910&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-topbanner-52739492%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22970x66%22%2C%22728x90%22%2C%221400x600%22%5D%2C%22sn%22%3A%22topbanner%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxflex-52739492%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22boxflex%22%7D%5D&pj=%7B%22si_section%22%3A%22nbcnews-bento%7Chomepage%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
PER50MBMTCR7ZPXC6MVF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://user.subsystemsselv.tk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Q0THIqP5TuMtfNads2tGqaAEX6frY3vVpsOMdznfkOrZIBL75T-74A==
master.mpd
91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com/v1/dash/7f34bf1814de6fddce84b1e6c296b7a70243b88f/nbcnews-dash-linear-4s-generic/Content/CMAF_OL1-CTR-4s/Live/channel(nnn)/ Frame BF3A
11 KB
3 KB
Fetch
General
Full URL
https://91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com/v1/dash/7f34bf1814de6fddce84b1e6c296b7a70243b88f/nbcnews-dash-linear-4s-generic/Content/CMAF_OL1-CTR-4s/Live/channel(nnn)/master.mpd?aws.sessionId=d2fd7f03-9c59-4e6c-b14d-2dc7149802b7
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/sigma.html?stream=NEWS_NOW&mvpdHash=&mpid=9f67abda-d9a0-467e-a01a-40d5a9ad388f&timestamp=1680754310907&usPrivacy=1---&autoplay=true&mutedAutoplay=true&token_Widevine=fbd7a5ec8946dcbd280c6adc7cd2d9edad415035b228ed405061e66a85af671c&token_Fairplay=334124df071ecd2d04d604ec8f5b85661671be6dfc4ca12ef484591fc1e54428&token_PlayReady=6e2ba810f3edc5d8f79b9334a8479c6c80777124bd8f232ff8d624bbdb17a08b&initialWidth=260&childId=core-video&parentTitle=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&parentUrl=https%3A%2F%2Fuser.subsystemsselv.tk%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.240.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-240-172.compute-1.amazonaws.com
Software
/
Resource Hash
dbfb42826ff016ec783a1534a158eb374c1c5fdfbf11642daf40e53b82cbd185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:06 GMT
content-encoding
gzip
x-amzn-requestid
25d0411c-33d0-4213-980e-01015db6f213
vary
Origin
content-type
application/dash+xml
access-control-allow-origin
https://user.subsystemsselv.tk
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date,x-amz-source
cache-control
max-age=1
access-control-allow-credentials
true
content-length
2557
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
722 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 06 Apr 2023 04:13:06 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
20872
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1680754387.794537,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
71
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2293
d2fd7f03-9c59-4e6c-b14d-2dc7149802b7
91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com/v1/tracking/7f34bf1814de6fddce84b1e6c296b7a70243b88f/nbcnews-dash-linear-4s-generic/ Frame BF3A
51 B
371 B
Fetch
General
Full URL
https://91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com/v1/tracking/7f34bf1814de6fddce84b1e6c296b7a70243b88f/nbcnews-dash-linear-4s-generic/d2fd7f03-9c59-4e6c-b14d-2dc7149802b7
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/sigma.html?stream=NEWS_NOW&mvpdHash=&mpid=9f67abda-d9a0-467e-a01a-40d5a9ad388f&timestamp=1680754310907&usPrivacy=1---&autoplay=true&mutedAutoplay=true&token_Widevine=fbd7a5ec8946dcbd280c6adc7cd2d9edad415035b228ed405061e66a85af671c&token_Fairplay=334124df071ecd2d04d604ec8f5b85661671be6dfc4ca12ef484591fc1e54428&token_PlayReady=6e2ba810f3edc5d8f79b9334a8479c6c80777124bd8f232ff8d624bbdb17a08b&initialWidth=260&childId=core-video&parentTitle=NBC%20News%20-%20Breaking%20News%20%26%20Top%20Stories%20-%20Latest%20World%2C%20US%20%26%20Local%20News%20%7C%20NBC%20News&parentUrl=https%3A%2F%2Fuser.subsystemsselv.tk%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.240.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-240-172.compute-1.amazonaws.com
Software
/
Resource Hash
65a2748325cf4305d3a33f197b9c5bf8f79cea66b8f67d9fd8649c7e45693846

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:07 GMT
content-encoding
gzip
x-amzn-requestid
5291df81-cb7c-4cb1-9014-f2f76a8b01fa
vary
Origin
content-type
application/json
access-control-allow-origin
https://user.subsystemsselv.tk
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date,x-amz-source
cache-control
max-age=5
access-control-allow-credentials
true
content-length
64
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:06 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2174
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1680754387.995471,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
71
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
4932
/
pips.taboola.com/
64 B
250 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230031-FRA
date
Thu, 06 Apr 2023 04:13:07 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://user.subsystemsselv.tk
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=d02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50&uad=3d45fdf57e5fd666b1ff640d125a0f6e7a8edfac5055af0885b29ff442d85007&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 06 Apr 2023 04:13:07 GMT
cache-control
no-store
server
nginx
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=user.subsystemsselv.tk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=user.subsystemsselv.tk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
32 KB
14 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4480952849021788&correlator=2746278009708905&eid=31070233&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=2620%2Cnbcnews%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C970x66%7C728x90%7C1400x600&ifi=1&adks=2858580716&sfv=1-0-40&prev_scp=pageid%3Dhomepage%26cont%3Dbentofront%26sect%3Dhomepage%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dhomepage%2Cnbcnews%26vertical%3Dhomepage%26pos%3Dtopbanner_bentofront_bento%26slot%3Dtopbanner%26loadset%3D0%26amznbid%3D2%26amznp%3D2%26tile%3D1%26sz%3D970x90%252C970x250%252C970x66%252C728x90%252C320x50%252C300x50%26cat%3Dhomepage%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnbcnews%257Chomepage%26adunit%3D%252F2620%252Fnbcnews%252Fhomepage%26type%3Dbentofront%26content_id%3Dhomepage%26site%3Dnbcnews-bento%26path%3D%252F%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dhomepage%26title%3DNBC%2520News%2520-%2520Breaking%2520News%2520%2520Top%2520Stories%2520-%2520Latest%2520World%2520US%2520%2520Local%2520News%2520%2520NBC%2520News%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26excl_cat%3Dhomepage&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26adg%3Dother%26pm%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1680754389816&lmt=1680754389&dlt=1680754383277&idt=2940&adxs=315&adys=141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser.subsystemsselv.tk%2F&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=1949797851.1680754390&ga_sid=1680754390&ga_hid=1844768212&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0beb344f3721b235a76fe54f834eb7408d3c4b2d8ebf4cd50536b017fa1bad3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13946
x-xss-protection
0
google-lineitem-id
4860685866
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138250187918
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://user.subsystemsselv.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
536 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4480952849021788&correlator=2746278009708905&eid=31070233&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=2620%2Cnbcnews%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x2&ifi=2&adks=41778419&sfv=1-0-40&prev_scp=nohb%3Da9%26pageid%3Dhomepage%26cont%3Dbentofront%26sect%3Dhomepage%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dhomepage%2Cnbcnews%26vertical%3Dhomepage%26pos%3Dnativeultradense_bentofront_bento%26slot%3Dnativeultradense%26loadset%3D0%26polar%3Dnativeultradense%26tile%3D6%26sz%3D2x2%26cat%3Dhomepage%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnbcnews%257Chomepage%26adunit%3D%252F2620%252Fnbcnews%252Fhomepage%26type%3Dbentofront%26content_id%3Dhomepage%26site%3Dnbcnews-bento%26path%3D%252F%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dhomepage%26title%3DNBC%2520News%2520-%2520Breaking%2520News%2520%2520Top%2520Stories%2520-%2520Latest%2520World%2520US%2520%2520Local%2520News%2520%2520NBC%2520News%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26excl_cat%3Dhomepage%2Cheaderbid&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26adg%3Dother%26pm%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1680754389828&lmt=1680754389&dlt=1680754383277&idt=2940&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser.subsystemsselv.tk%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=260&ga_vid=1949797851.1680754390&ga_sid=1680754390&ga_hid=1844768212&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
197630801ad24843609eac96ca3a13b2c7bf7d9499d7d412188749bb5924fa5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://user.subsystemsselv.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
536 B
300 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4480952849021788&correlator=2746278009708905&eid=31070233&output=ldjh&gdfp_req=1&vrg=202303300101&ptt=17&impl=fif&iu_parts=2620%2Cnbcnews%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=88x31&ifi=3&adks=719239133&sfv=1-0-40&prev_scp=nohb%3Da9%26pageid%3Dhomepage%26cont%3Dbentofront%26sect%3Dhomepage%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dhomepage%2Cnbcnews%26vertical%3Dhomepage%26pos%3Dsponsorlogo_bentofront_bento%26slot%3Dsponsorlogo%26loadset%3D0%26tile%3D2%26sz%3D88x31%26cat%3Dhomepage%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnbcnews%257Chomepage%26adunit%3D%252F2620%252Fnbcnews%252Fhomepage%26type%3Dbentofront%26content_id%3Dhomepage%26site%3Dnbcnews-bento%26path%3D%252F%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dhomepage%26title%3DNBC%2520News%2520-%2520Breaking%2520News%2520%2520Top%2520Stories%2520-%2520Latest%2520World%2520US%2520%2520Local%2520News%2520%2520NBC%2520News%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26excl_cat%3Dhomepage%2Cheaderbid&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26adg%3Dother%26pm%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1680754389836&lmt=1680754389&dlt=1680754383277&idt=2940&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fuser.subsystemsselv.tk%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=644&ohw=1600&ga_vid=1949797851.1680754390&ga_sid=1680754390&ga_hid=1844768212&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a98d49db73833fc9c7897eb389d4da807856962211b9c3fceeb7ebe2db32310a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://user.subsystemsselv.tk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202303300101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
f942555b0854fb8e208b2864901904bc57d32bd2f39fe0fbcae6a91e1f678a83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11289
x-xss-protection
0
container.html
e816958f4563d945ce24f89243701fda.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 225D
6 KB
3 KB
Document
General
Full URL
https://e816958f4563d945ce24f89243701fda.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://user.subsystemsselv.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Apr 2023 04:13:10 GMT
expires
Fri, 05 Apr 2024 04:13:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3066
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoXiyBDGteNfsLAUs0ro_z_aKBf7g0CLL7pOqCvgW2ILxuSmd0JDyDQCDvA10Hp140xG2MxorEPPjb-e5JQNknRw2GwbGaDfa2WBLIpXaSL7QxZfkr2z1kQ4v2MNMcHlL9WE37b6L6D9Jo6KZSVRjzlJ1fXdppkyJOVJGIhc9yRYxjpt1aX4nN_R1Rdz7Fj47ynDf6svRVdnYQxIz1XhPkk8ULlPqz72x4uXOdur7b5m_6tVs6FVYaXVuXpgcJPc7sIuXye7Z7ppEr6_nF_pNvjz81NrobcHxEbLwBXITmPO5AFZA2szEWiXkb9R-vXkO5e8o0xUNp&sai=AMfl-YQJznBvX3lIcCtHDSWtyORFJmIdxRzP1qxHwPvuSfQ2lYsATC_EIDZIvUlLtcEEV81fHIP-9D3kCMIjtGSrr2ue9F4aLeVK-GpbS7VROIDNnKQdSSf9SgiAtnNsgg&sig=Cg0ArKJSzHLZO9recAUSEAE&uach_m=[UACH]&adurl=
Requested by
Host: user.subsystemsselv.tk
URL: https://user.subsystemsselv.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/ Frame 3066
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230404/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 11:08:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
61498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Apr 2023 11:08:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3066
159 KB
49 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49753
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1680694322409811"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Apr 2023 04:13:10 GMT
moatad.js
z.moatads.com/nbcuniversal134024534264/ Frame 3066
335 KB
114 KB
Script
General
Full URL
https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-113.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4991eeeef00a4e609a2579379f212ff44953d79e4915c9c60b7ff5c6098d0854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
content-encoding
gzip
last-modified
Tue, 04 Apr 2023 14:00:19 GMT
server
AmazonS3
x-amz-request-id
M6DWBYH0TP0SKTGX
etag
"5871b7a9912f12225b08a69fb5e2dff9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=21647
accept-ranges
bytes
content-length
116339
x-amz-id-2
aNX2gFLwcZItputJXSXJuhHk4rI9hSE/vmPHfxFXQpoQCQ/mzTuGSoD/3nxEwmgVU5dhDb/Ob2Y=
15087753483871036520
tpc.googlesyndication.com/simgad/ Frame 3066
10 KB
11 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15087753483871036520
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 18:08:38 GMT
x-content-type-options
nosniff
age
468272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10627
x-xss-protection
0
last-modified
Tue, 13 Nov 2018 17:33:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 30 Mar 2024 18:08:38 GMT
l
www.google.com/ads/measurement/ Frame 3066
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRG0ES26u0H0CcQgu3qcf7b5USLU3NKnKSG53d-jgby5qOGYdsg-GtHzeCkDPCPtsapXWam
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

5e6338253b85b3b6.css
nodeassets.nbcnews.com/_next/static/css/
94 KB
15 KB
Stylesheet
General
Full URL
https://nodeassets.nbcnews.com/_next/static/css/5e6338253b85b3b6.css
Requested by
Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/main-3626adf95c8c50d2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:89d::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5105460205f338247b81e410f884c8bd5e7291b11d2baeff44c84ef1916aced
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
g2K2w.xq_ZUAJR1WQEYnM1kjVHDRs_ze
content-encoding
br
date
Thu, 06 Apr 2023 04:13:10 GMT
strict-transport-security
max-age=2628000 ; preload
x-amz-request-id
S9HN72B7N481RXC6
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466876_389993759_14944433_20_4120_6_0";dur=1
content-length
14614
x-amz-id-2
Cpd89oTJ//dyxQR0Ibmvd09/YCBPuY1KRcqoW40a8AKHHsuJknkP2yhVcTVSNefDnSSXZbYByQg=
last-modified
Tue, 04 Apr 2023 23:34:14 GMT
server
AmazonS3
etag
"ed120a9caa9b9c36eca2775e84223553"
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Fri, 07 Apr 2023 04:13:10 GMT
truncated
/ Frame 3066
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c40c1838ad15aab4171c37e1efdb8ced9436b007c18d3f7959bc57397f1de316

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202303300101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 06 Apr 2023 04:13:10 GMT
non-responsive-widget.20230404-24-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/non-responsive-widget.20230404-24-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e697d3ba93d461b8a84b0fc64c795f50623ac8aaea96a3ededf6768a3dbeb0b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
.AmVOiB7Vrx.3T.3eWQ8qKj4z0UShpIa
content-encoding
gzip
via
1.1 varnish
date
Thu, 06 Apr 2023 04:13:10 GMT
x-amz-request-id
SNDHZNSN7SXXMGTM
age
135336
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5645
x-amz-id-2
kHOfAjPYtS0w4NA+8PXrjl6USGdYAMz9Ht3fUcTaoBcS8hAv8fWLagOmdyMtKQM/qJXcqKxESXg=
x-served-by
cache-fra-eddf8230044-FRA
last-modified
Tue, 04 Apr 2023 14:37:34 GMT
server
AmazonS3
x-timer
S1680754390.345741,VS0,VE0
etag
"ee30a04f153b0845e5e3f8ef0ba8d985"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
42
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A89
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://user.subsystemsselv.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37199
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 05 Apr 2023 17:53:11 GMT
expires
Thu, 04 Apr 2024 17:53:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E23C
783 B
999 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
170c13078d5120bcf4479ede9b358eff342692e12b75c125e81080bbdf5fc341
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ENEwJAOrFlpM0qIWCSk1OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://user.subsystemsselv.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ENEwJAOrFlpM0qIWCSk1OA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 06 Apr 2023 04:13:10 GMT
expires
Thu, 06 Apr 2023 04:13:10 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
n.js
geo.moatads.com/
98 B
270 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BI%24%3D!!t%22lAk3MH%3Cy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-WB9CBj0bTnpuUX885ljPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-qwUb5sLyVy50og%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=NBCUV2&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=18&cm=15&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1680754390539&de=148429513451&m=0&ar=229a371aeed-clean&iw=3e01d80&q=3&cb=0&ym=0&cu=1680754390539&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&zGSRC=1&zMoatPS=topbanner_bentofront_bento&zMoatST=nbcnews-bento&zMoatDomain=subsystemsselv.tk&zMoatSubdomain=user.subsystemsselv.tk&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=slotNoHistData&zMoatMSafety=safe&zMoatMGV_MAX=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMGV=slotNoHistData&zMoatMData=1&zMoatTag=ramen&zMoatSZ=1x1&zMoatCURL=user.subsystemsselv.tk&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fuser.subsystemsselv.tk%2F&id=1&ii=4&bo=57191058&bd=57194418&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=57194418&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A1050%3A1050%3A4492%3A1145&tz=topbanner_bentofront_bento&iq=slotNoHistData&tt=slotNoHistData&tu=1&tp=safe&jk=-1&jm=-1&fs=203020&na=748768832&cs=0&ord=1680754390539&jv=1479290149&callback=DOMlessLLDcallback_10042225
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.113.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-113-137.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
3a0e811098f72140bab30c871e53e46e5c210395fcde04ae3fab789e861e3bba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"b33dbc10c5610151e65265c4682751b66f7263a7"
content-length
98
content-type
text/html; charset=UTF-8
event.gif
beacon.krxd.net/
0
455 B
Image
General
Full URL
https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1680754390539
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.253.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
beacon-n009-dub-prod.krxd.net
date
Thu, 06 Apr 2023 04:13:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1680754390
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
view
securepubads.g.doubleclick.net/pcs/ Frame 3066
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXYeSfRbCJrb1Y90rJlxYyE8llmsDhYRUWQYdG939GmGS6yXG_cnFhAEF7eBYGco1jDY1mQbuzRv-YKJ19qLKTxqfHZOfobuvGedlKVbc6wix0RLft4YUnhglYggdk6WSH2xL7vAk563gFYPWfbkbDEhw8neyTpBDRjv1UjijEznqI92MBLvturTngwDMXh9enAckJuix2a_0KZpT84cee8lIlhgCDIxRUVKhM0knf9_vpMiwLCbiQTBaJs7WqjRjr_E6xtB4ptJw3fLVodV4b8I89PFLb4Ppo7YEEFnfLHDJ6SPj9YsBtmTwFKadJ8pb5slyh7iZHjhE&sai=AMfl-YRp8YrYuyUlOO4pMxsCj8vnhte_V4wW9XXfZzGXF-WIvtf_fCnDvOGWigVoPhrg5HcKKt2Svjf4tda5Gd4ZfpHmHl9jYeqBE06z9GtX6chjnBBMp99nuuPgWGGeEA&sig=Cg0ArKJSzAf_idStr2tQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 06 Apr 2023 04:13:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E23C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202303300101&jk=4480952849021788&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
pagead2.googlesyndication.com/bg/ Frame 5A89
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 08:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
70028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14213
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 13:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 Apr 2024 08:46:02 GMT
pixel.gif
nbcudisplay.s.moatpixel.com/
43 B
260 B
Image
General
Full URL
https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=14&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=user.subsystemsselv.tk&L1id=4650777348&L2id=2428627361&L3id=4860685866&L4id=138250187918&S1id=57191058&S2id=57194418&ord=1680754390539&r=148429513451&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-113.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Apr 2023 04:13:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 06 Apr 2023 04:13:10 GMT
pixel.gif
nbcudisplay.s.moatpixel.com/
43 B
260 B
Image
General
Full URL
https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=191&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=user.subsystemsselv.tk&L1id=4650777348&L2id=2428627361&L3id=4860685866&L4id=138250187918&S1id=57191058&S2id=57194418&ord=1680754390539&r=148429513451&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.229.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-229-113.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Apr 2023 04:13:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 06 Apr 2023 04:13:10 GMT
event.gif
beacon.krxd.net/
0
337 B
Image
General
Full URL
https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.253.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
beacon-n011-dub-prod.krxd.net
date
Thu, 06 Apr 2023 04:13:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1680754390
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
generate_204
tpc.googlesyndication.com/ Frame 5A89
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?CtVGnQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 04:13:10 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202303300101&jk=4480952849021788&bg=!mJulm8_NAAYIJb0jKCU7ADkAdvg8Wr74xuNgdob6wJpVs8vSAXJOFXeix_wSVB-xsg66ylwbSFtpdobPF4xmag4J5VouAxJMj9oCAAAAj1IAAAADaAEHmQKyaa506sEEAaAEO3Oo7f-FpgqMZVjY7WoHD9gAQCa_0FeAo_-YUGIdAy-f9J2_BwTDiR5IXUWxiFjkw75WHKnQ_SVWhq0tWYX7QotVbHMSNU2Qo_muVa5FGwcEt7M329IGFJ9Ak3RzBXMUkgwB_zluIKRHxprz0NyfhbeH8YH8tlvlEWuHmzvi05F0Gjtr8817Rjf3AXix3cwacawb66zAlNPi5SAwt8Ha-pKwUtmCV7uGfA5lAJRTao-EgDMUhIf22f10ZYWxs67Az0c-smYS-t1TnDczIal4o9p3fgzVnIM763-u_Z3RihwSd68h0oQIuk-Suede90SDsceiATmzVxdtgVo1xde4Ptk3bsrxJGHYHVtLgJ7Eq4fJVkEpYeDrACXYYg2PsyFCdb7clXS3X_PzSFm6H9HIr5fykHaKg4c0FP-TZiuPo1m4dxaXPVVdSSNF6n1kK_CTmtNLslNwvj540Dje8k5fwVg8VcjS3Fx4WOfeCYlwEE_5X9kYSFvfg7pQOIWz0T2_X6O3u4gcaapQozTDPRCTHqaOcoIGsxK63DL0A0L8Jy7lqX_bx6-UqPJGHnc_64xiO0taA9BFe7WU0ZOugb6nAqFkyof-veKJpDoT9GUstjLmei5MoTv8QNvopV1Plsr09Al1Lzq1iukJGsuQ6fCBuUzrmi3_7ktYCaF7S04SlmrzBnPeDD12VqIwmn0u2MM0xCNDUD6kT1URIbtoHDqczbC_0sk0nqd45tR_vx1RTievMXjYAq6mLtlLM1l8PCiIkCOBVd4Wx1J7DZU3uY9NKFfZ4jEu_Xcm3vcfryeSa2_MRpSQdnvmaTK324mg1SYL59mr03EzIHvKppgvDaOxX61XeRtLdzOPOoZEyvAElT9aj6z9bbvULZ79ae1k5H9o3xSJID-1kRtQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://user.subsystemsselv.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

bulk
trc.taboola.com/nbcnews/log/3/
0
304 B
XHR
General
Full URL
https://trc.taboola.com/nbcnews/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230404-24-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://user.subsystemsselv.tk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Thu, 06 Apr 2023 04:13:11 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230044-FRA
server
nginx
x-timer
S1680754391.427392,VS0,VE8
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://user.subsystemsselv.tk
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| __mpsconfig object| _satellite boolean| __satelliteLoaded object| webpackChunk_N_E object| _N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| scrollMonitor object| __nbcnd__ function| _ object| DD_RUM function| $t function| __NEXT_PRELOADREADY object| HFSapi object| HFSconfig object| _taboola object| _HFS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __MIDDLEWARE_MANIFEST object| TRC object| _tblConsole undefined| msg string| pm_pgtp object| _comscore boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd object| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter number| var_tb_vpmd object| COMSCORE object| ns_p function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| TBOptimizationTouchAndClickEventTracker object| _pmk function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Bg object| _pm_mcg string| nam object| placementData object| cmTag object| mpsopts object| googletag object| mpscall object| mps object| debugmode object| gpt string| mpsinstance function| mpsCallback object| cats string| lastcat number| $auc object| pbjs object| _mpshead object| _mpsstyles number| retval string| ret object| mpscall_original string| $dM string| sitepath object| derived function| mpsGetAd string| mpsrequesturl object| _cm_wfCounters function| htmlParser function| postscribe string| __nbcudigitaladops_dtparams object| __nbcudigitaladops_inject object| __nbcudigitaladops object| __nbcudigitaladops_header object| apstag number| randomOrd string| eTandomAd function| admantx_callback boolean| __qsparam undefined| detectviewport string| debugmsg string| warnmsg number| queuelen undefined| placementId undefined| atsScript string| host boolean| apstagLOADED object| apscustom object| _aps undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_95552745 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| avk string| sz object| _kv function| pbjsChunk object| _pbjsGlobals object| tbopt string| lsk string| ask object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal

11 Cookies

Domain/Path Name / Value
mps.nbcuni.com/fetch/ext Name: adEdition
Value: DE
mps.nbcuni.com/fetch/ext Name: geoEdition
Value: de
.nbcnews.com/ Name: nbcnews_geolocation
Value: non-us
user.subsystemsselv.tk/ Name: _tb_sess_r
Value:
user.subsystemsselv.tk/ Name: akaas_NBCNews
Value: 1681618384~rv=65~id=257207f9002241bce09b767211bdb769~rn=
user.subsystemsselv.tk/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dd02fc29a-ebcf-44a5-9695-d5f0316ae0e5-tuctb27cc50
user.subsystemsselv.tk/ Name: adops_master_kvs
Value:
.blismedia.com/ Name: b
Value: 642E46D2386F2F968FA96FA1BLIS
.mathtag.com/ Name: uuid
Value: 7019642e-46d2-4c00-adf8-e6917314bee1
.doubleclick.net/ Name: IDE
Value: AHWqTUkwkT3OUFmDCA2LW_re87694CMKhHTcgTDhx1Wj7RjqWc9IHfJNIlLIpIsbQSU
.c.appier.net/ Name: _auid
Value: m5s5q4OODv-RZosJ00YuZA

1 Console Messages

Source Level URL
Text
other warning URL: https://user.subsystemsselv.tk/
Message:
<link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=2628000 ; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91c52c2843194ea59fa75ef868a4aba7.mediatailor.us-east-1.amazonaws.com
aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
assets.adobedtm.com
beacon.krxd.net
c.amazon-adsystem.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
e816958f4563d945ce24f89243701fda.safeframe.googlesyndication.com
eus.rubiconproject.com
geo.moatads.com
gum.criteo.com
imprammp.taboola.com
match.adsrvr.org
mb.moatads.com
media-cldnry.s-nbcnews.com
media2.s-nbcnews.com
micro.rubiconproject.com
mps.nbcuni.com
mt.ssai-oneapp.nbcuni.com
nbcudisplay.s.moatpixel.com
nodeassets.nbcnews.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rcp.c.appier.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sprtsecureassets.akamaized.net
sync.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
usasync01.admantx.com
user.subsystemsselv.tk
video-ads-module.ad-tech.nbcuni.com
vidstat.taboola.com
widget.perfectmarket.com
www.google.com
www.googletagservices.com
www.nbcnews.com
x.bidswitch.net
z.moatads.com
104.109.78.125
108.138.1.25
108.138.4.150
13.32.121.37
141.226.228.48
141.226.230.50
142.250.185.66
151.101.1.44
151.101.193.44
172.104.121.22
18.196.240.245
185.29.134.248
2.18.232.60
2.19.229.113
23.227.196.57
23.56.202.187
2600:9000:2156:3c00:a:768a:2640:93a1
2a00:1450:4001:802::2001
2a00:1450:4001:809::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a02:2638:3::c
2a02:26f0:3500:58f::2506
2a02:26f0:3500:e::1732:834c
2a02:26f0:480:6b1::a1d
2a02:26f0:480:7a9::1e80
2a02:26f0:480:89d::2506
2a02:26f0:480:f::213:7ec4
2a04:4e42:400::300
2a05:d018:d29:3602:a2bd:f7af:253c:4fd
3.33.220.150
34.96.105.8
52.210.113.137
52.23.30.202
52.50.253.161
54.84.240.172
69.173.144.138
69.173.144.139
8.43.72.98
004d0290b2526af04cb9a520e41d62b4d02379857779ddcf4a31ad0749593a1b
013c9bcb81089f84221d4c061f0e067385b6e020706175fd07698412600c1374
05c4ab4d8b664e4b5beeae74645f3ad5f20c7f47eeabca7aa5b68b0d87be5342
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beb344f3721b235a76fe54f834eb7408d3c4b2d8ebf4cd50536b017fa1bad3b
0c755adde476ad57448321743d7f3604ad9fb1f202cff269a558d71d9df70f20
15e138c3ee1086b8c2fd7913a254b89117f9289b4809dc51573a8db871c248db
16dbff82ef6cf9de7d054c9df4d47b7cc7ae3d659527f74ae2ad7509fd0b1545
170c13078d5120bcf4479ede9b358eff342692e12b75c125e81080bbdf5fc341
1738258da5f518915ce07f76bc7979c772ddce8dfb22fe56036d9da1d91b0e5b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
197630801ad24843609eac96ca3a13b2c7bf7d9499d7d412188749bb5924fa5f
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b2f18f4e492744fc171a6e67feeaf9f82017f595acfe2f2162fd722247d4a30
1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4
1f30942606452f6110fe2a2039a3c4d3232330c4420f3efba9d0b4628e6a7063
1f9187f094239de8b9cfd32162b64e9e8ceb17cc55d68a1eac2b0bc85ef12e2f
1fbe11e455dc09999b418a1398bb62af1a92dd985852e99132ac2c483bc6e748
20dc8d709eb3b121879e4796822a5460bb32c8eb9b12d3e7917c76b0154b4cae
24f07cc7e809dd4a6217965961736cee4fb4b75efada450426c2a4e66f5be6a1
2a57a61c431ad9b51fe75897364c4842fb2789893be26351b25a4885329d3dad
2eba0c668c4cf3ca9b2c3033bea44179f78811976dd0fc2d0568a3a822d28663
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ecbfd59a1946443810fb4d721e60fe15d03099f19c17e6f673d347339d62d6
3483d215247ba9a3968cb0dad69ebc97bc9493f89437acfe55d57d32be5514e3
34f3f7e5ba0f8c1d2b96bcc79567da5ac6f17ca2165f20d57f9d642ea84580a3
35db18405851c03542c182401aad0d089a64afd2b134e8733e5fa9a00c38d429
35e2a95e2c301688891166f8ee17a37c5d5e512b907890c6493221882e96a8ed
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a0e811098f72140bab30c871e53e46e5c210395fcde04ae3fab789e861e3bba
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40d387d2577430684856fccdd2491decb82ace5d4a302710772935ef05e8a79b
43077b2adc466deb1239eea7403129be680692ecc3d61488f00ed606cc2c3eb0
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4991eeeef00a4e609a2579379f212ff44953d79e4915c9c60b7ff5c6098d0854
4c56246e8ed44c3b03690c7f3bb7e3c6f9a0044c34dcc8b2fc5d5bf51ee28a01
4d14bf5026c7295be75d26ef54efff9366bfe9a67e01b96483259a5845138803
501abf1de8aa3888c7aae30cf5fe4244e943231f7a6d4bc88ae5949a9df67971
5056f93d2315caf4c9d3a9c6a47f7b7ecbb29d2544909b9b1f296f6ab17e6b29
547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569f737437cb1189eb746c9157a46317f35ff7fe03220fa64090ddf84d9e1b6c
5831e5ad7635f2630ba40f81ae235cba2d8e5873ed36febe940f3f76f070b626
58bf62a940c1cde0b3a0dad46d0b62b755e94f56f9e4ab12279622194a5a386a
5a5c5c4441d3c8347bb2753c4e67e6e15166231d860603ed9e91e0781e285407
5aaa8db728561ed9909485da8c7f79d1085f97835e23aa7996d467cd09b61139
5b0d0d08c3b7fbdc8164e467ee1d637e4b616be1a489699c18b67082281851b8
5c63d9b104a33e3ace3daf979afc0acc81f09774fafad895cd77a36aa833495a
6117243f9087c22d2c899efffab51d219f0053892e68ce513fe23709219a453a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62338f03a657ac94480b68d20aeae00e0e44e9a7c95c390461d3c6bda3bc0be1
63b942203ce4b9f671cb68baa488da2fb141cb386c84d07f279ed5884a39a26a
63ee6c6cf034af913a873e9d64304db9e3baef9b1ee53d2378b4694e66e4ecfb
65a2748325cf4305d3a33f197b9c5bf8f79cea66b8f67d9fd8649c7e45693846
68179b2afb435b07725952ee0ccbea4c87220b9cd756d4f584e2867f277a7c15
6d17722c0875c3e0ee46ae3bda0157929646bf3cc5a541871b86ee5710ca4ce3
6e7d503f53b7dcf6d7ed944e7869895a4335c34cbdd3aa458f553fe7210f3c5b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7173387ce678f52213086714f1e0b5d65fb1b4aa64d07ede23f0c7297fcfb9fa
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
756cdd0fa45963854a07e5b5294bc991d0028831056056766192a50e3c348923
77014622bb2b3b959cef95b4e87520f3422d0344a366b0820580b9f9201d5b7f
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
78c12eac5f100fbe2621c479b57cce623df21ff660f526b2ef0a637ba8cb9daf
798e049729f1f34600e35eca3e3fb2d1e9e61a74c05dccf54e0024f1116d0459
7aec81d128c0c8c74c253e848d2f18c282640481ac96d2a7c26858df35156685
7b801689ae02587eee2dc7fa323e6726b98b9d5b8df72898caa97b7f7c5804e7
7b8229a042f170d262a77b93bc514a56ec5b4fdbd28aa4aa9daa26ff30cb7835
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd
868363ef2870b0754aff551f47a8058255af7768783bbc152711cd4552fb7f0f
8754a4a3a6da1cb7a8db367e680349d8a0880d4c94739c4b12cdbf54b80344e7
875e5e8cbd7d75299a7d7a024b4d0cbb4f711d6419ae750d48f3eb40b391971f
88272b5d03b2c8eaae58a1f5bbdebda773fc69b25b6917b5cb5b3b7c4c798ce0
889a6a4c5ac6f761824dcb8ac9c979221901da1ca937dd0b4e8280626a943fa1
88b4d4627e1e206d18640d49737db3589b7a76c88bc34f671842f685a618492e
8a3182656fd57804a9fa5a9913e6d9115a8a9c39092c9372b346d6fa26fc76c2
8aeddec286adac4df769c2ddc134390534f0ccb13d5dd4adc4995bb91785dc82
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94e25a4cbb905f5c59751999c7f2e02e2141e2dd71fd7ed52d493c394e56523b
952cf5e059b28e5e0c69252c6b9e40f6b654a30bd9d9fbd5b32380523a6305d2
95a4528bd392bd74ea34edb64be1ade6d8fb098ccc378a4303dec626ea55587c
991fe33155584583fa75319093a543a4f074e91a7db90ab8b6fbb2f39aa1023d
9a935de3bf67caebf6723b5ae9e8377a1e5a5d5b113123dba8d6765330920fa6
9c322c2fc3f21d0e48a73226f77217dfc597f60375a89f3ddb806ecf0cb8c7cf
9ddc915361342a19710975f2501f049a0e5e39e1316931a2ec2f7d41fceb56fa
9e2ba94e0560e4fec85f629e0b8ffcd4c7ea29b5f0076a0bd849f1fdb86a1d56
9feeee1cd462d6006e1a88d494a55210e312749abf6c8ee3a8f640fa8d97ea8d
9ff7aa35ab961b2ccc4adce767f8528ef0c837cfe2032c596ce41128fe53cb39
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7fe7133070e1cf8b7b3b4dc0141c65715f447c05c83a909ba68b3c1b2d21ff2
a8488fdb121f8cad28b08018ed9f050fd5638e9c4bde3595157be14c156a5bb0
a8884bbfe36729926daac9ecfaa0c1148c9407882b47b4b1f302c98c42353ba5
a98d49db73833fc9c7897eb389d4da807856962211b9c3fceeb7ebe2db32310a
ab338808e940c1cf710c23ddd32cbca482dfc63fd64df682e4826c8db7477478
ae98779a2dfd22776c827c5252852ccec48f051b3deeb63f7100975091efe850
aeea97b165c6d67b516aea972a615e5ad65eca5e88d2663e701da80d6ea676a3
af70a5a9316f6ba9469e45ab3418d30fe023d4d4107edad3caea4f2a875e0ada
b37bb3cd2a4abcd5d1c1ef8ad3d4749581fb0fc228496fd88a76066b9fb20a6d
b5848434607a7498332c7482dc048070d09751df72ca7e268050b8f60a22cd83
b6e181d8d22021fae236554bbc58ab3e296c9bbe71c3e6576f339ee58dc55855
b6e635a7e1ab8ea1671505d940b05de3652d8fc5fa4aca94da773152deff70c4
b78ab16b972a289c3f833bb02edc358e3315ee48ccb618b57bd6e3c8a230c164
b7ff30dfd7ff14ed5455cf5fbbaa0fb11e1292e31c089ce08571fba4eff88d92
bb209f6895a18dc7d7095aaad06f1dd1096ea2fcb0c814bd84cd2f9e6a5aa6e0
bb3ecc55067ff3d52ee36e07d54bdb67eacea896d14c1212881b579b31248ab4
bf9209be13525f21636ba6e3ee76c6fd2bfec6bc5220239a90c1acc935f45c31
c0a7b78b741975a40bcc99c4b89e39855248aa76b3c8d639c8dc39245ebe1441
c40c1838ad15aab4171c37e1efdb8ced9436b007c18d3f7959bc57397f1de316
c7371b0d7e6389c5389f848a3727264fa31e6ce3a922dc347cd2501754e0e289
c80811682890bc851521c2ec9b34650fda42174c4bcc33f3f0c4ef142a2ba416
c8729ce07b150e60abf9131f05ff9aa8bcc4e7a497efd3407dea0cf42f0d1a2a
c9b84eee17d1c75ddf8e2eb1fcc8449e3678b27924230e9fde0c4d935e610890
c9e5d098ce8ac5a0bfc80ee01f66687c45ae36c41bc8092bf60c175231566a85
cba3b26e237f6ee1546d0bae1325c19fcb0216fba7d01e99d3d1f63cc6ef20c4
cc6529e14d173febf0d82fbded626e054f9661168837669e0e5205038a60cf8a
cd1dae61f172a36123d0a56dc8be7c011ecaba501b366b024b49e7ff71dccf49
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d025ceca2538b399dd7b863793db5a04d9255cd318e76ae6bc9a1b12acdfb28e
d49da972877e89c0fcfaae168568c077d22f4450dfd3af8bbce3d27295067b06
d5105460205f338247b81e410f884c8bd5e7291b11d2baeff44c84ef1916aced
d6a3e66c8af45914c313cbc1401c93e27bd63339b3ea769ca2a4f1413095feb6
d7a55e2b82b08c6d95a7f7e2a94ec8139a88831693ed4ce1bf583bedd17cdef0
da61d8b5bad5d2548301f0faa02e7ef79eff99fa7e541fd72ed8a24e4300fd56
dadf818cafb4f437b301203b0d2d96cf517132437ad9b0889ee5d61c4b969ac1
dba8842a30a0214ed2532bc6d5be0c667506050e386c56a11be5dc80d34cbb2b
dbfb42826ff016ec783a1534a158eb374c1c5fdfbf11642daf40e53b82cbd185
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e06a2a40ec1f9613831c608ad26f5102012533bf5e49d04343bb7c160569aa5d
e22e0b4835c1a36e8fe047dcbdecd1ae650e6df5774c26b036dda7c18678ca23
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
e671f3431cb9f0eeffabb92840a257a1bc58287cccd27ea95ccd7804f6b22a21
e697d3ba93d461b8a84b0fc64c795f50623ac8aaea96a3ededf6768a3dbeb0b8
e6bdb31bfa7e55ea5c522804e2be1d6d81edd855a7dcb912de42938bc84efa9c
e7fdad4000c8b6f43d85ca119e6929e62b6e76930ddbb6e1160beaa5e7feb678
e900fb35282de750f71034278389edce11a2ffa7f9cf657d05f78c2c3ae924eb
e94a1292b204a213eae5f37d69406ef14054ef645e8b6609ba9cf2a17e6187eb
f0297d7e8d2c94e730b6297447007cf92fdc2417dd76d11535cf047cda107302
f59f0970a83f8e48c69a140fe8f69664ee622cc6657ced25dc6d9395f21551d2
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7763196ab34776af723b173cc24a70e86788c382279b69f0f98c5194ac99fed
f7c4e07319372f2a7be589fba41f0a52192902daf83fdfa296e121a8bb5bab4f
f942555b0854fb8e208b2864901904bc57d32bd2f39fe0fbcae6a91e1f678a83
fa9332df86ab0e526394d968020a7cee7da13ecbc46fc2b0ca9af5ad21e64757
fc0819cf3ec458ccd6642f971be6a5d28ab5ef0aefe8d963305aa4eaa3818f56
fe92d768eb4771f43f6dbdd0f75db3f421cc25fe86a182e635909aec72b95749