m.metro-portal.hr Open in urlscan Pro
66.154.14.98 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va...
Submission: On March 12 via api (March 12th 2021, 8:28:28 am UTC) from BE

Summary HTTP 45 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 6 countries across 12 domains to perform 45 HTTP transactions. The main IP is 66.154.14.98, located in Atlanta, United States and belongs to SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN. The main domain is m.metro-portal.hr.

This is the only time m.metro-portal.hr was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	66.154.14.98 66.154.14.98	141518 (SUBHOST-A...) (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 1	91.209.18.90 91.209.18.90	8558 (HTTPOOL-N...) (HTTPOOL-NET-AS)
3	91.209.18.100 91.209.18.100	8558 (HTTPOOL-N...) (HTTPOOL-NET-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	34.241.3.199 34.241.3.199	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:a75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.58.48 65.9.58.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
2	108.128.81.149 108.128.81.149	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
45	17

16 66.154.14.98 (Atlanta, United States)

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)

m.metro-portal.hr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metro-portal.hr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.209.18.90 (Slovenia) 1 redirects

ASN8558 (HTTPOOL-NET-AS, SI)
PTR: relay.toboads.com

relay-hr.ads.httpool.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.209.18.100 (Slovenia)

ASN8558 (HTTPOOL-NET-AS, SI)
PTR: tas.toboads.com

tas-hr.toboads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.3.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-3-199.eu-west-1.compute.amazonaws.com

test-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a75 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.58.48 (United States)

ASN16509 (AMAZON-02, US)

script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.81.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-81-149.eu-west-1.compute.amazonaws.com

adex.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	metro-portal.hr m.metro-portal.hr metro-portal.hr	320 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	159 KB
6	dotmetrics.net test-script.dotmetrics.net script.dotmetrics.net adex.dotmetrics.net	54 KB
6	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
3	clevernt.com 1 redirects clevernt.com ui.clevernt.com	51 KB
3	toboads.com tas-hr.toboads.com	123 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	263 B
1	httpool.com 1 redirects relay-hr.ads.httpool.com	388 B
45	12

	Domain	Requested by
12	metro-portal.hr	m.metro-portal.hr
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	m.metro-portal.hr pagead2.googlesyndication.com tpc.googlesyndication.com
4	m.metro-portal.hr	m.metro-portal.hr
3	script.dotmetrics.net	m.metro-portal.hr test-script.dotmetrics.net script.dotmetrics.net
3	tas-hr.toboads.com	m.metro-portal.hr
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	adex.dotmetrics.net	test-script.dotmetrics.net adex.dotmetrics.net
2	clevernt.com	1 redirects m.metro-portal.hr
2	www.google-analytics.com	1 redirects m.metro-portal.hr
1	ui.clevernt.com	m.metro-portal.hr
1	stats.g.doubleclick.net	m.metro-portal.hr
1	test-script.dotmetrics.net	m.metro-portal.hr
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	relay-hr.ads.httpool.com	1 redirects
45	18

This site contains links to these domains. Also see Links.

Domain
metro-portal.hr

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-30` - `2021-07-30`	a year	crt.sh
*.dotmetrics.net Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Frame ID: B4EEE367B441AECA4C52F0A49C850ACF
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html
Frame ID: B1DF68C6A5B80BF20A9D23C2AF03BBC7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&h=90&slotname=8692560791&adk=1977490785&adf=232845064&pi=t.ma~as.8692560791&w=728&lmt=1615537691&psa=0&format=728x90&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691596&bpp=10&bdt=257&idt=148&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6100724671805&frm=20&pv=2&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=441&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HD9nkAcUTY&p=http%3A//m.metro-portal.hr&dtd=189
Frame ID: 9AB558BCA07F4D02B817DCE77150D539
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&h=250&slotname=0596312511&adk=2348534486&adf=518088063&pi=t.ma~as.0596312511&w=300&lmt=1615537691&psa=0&format=300x250&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691704&bpp=3&bdt=364&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=327&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=287S2CFnLw&p=http%3A//m.metro-portal.hr&dtd=124
Frame ID: A7796D17E515E33FFDC2639DCEC64947
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&h=250&slotname=0596312511&adk=2348534486&adf=4096898513&pi=t.ma~as.0596312511&w=300&lmt=1615537691&psa=0&format=300x250&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691730&bpp=1&bdt=390&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=1059&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=nJTE0Ikqv7&p=http%3A//m.metro-portal.hr&dtd=132
Frame ID: 7DE3667C290C2220065F0F862DF344F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&adk=1812271804&adf=3025194257&lmt=1615537691&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&ea=0&flash=0&pra=7&wgl=1&dt=1615537691884&bpp=1&bdt=544&idt=2&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&nras=1&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=25
Frame ID: 921EDC2E11128BD2947324031515C046
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C0F3C2C42C83D9A59778C6471130FF7A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

45
Requests

53 %
HTTPS

56 %
IPv6

12
Domains

18
Subdomains

17
IPs

6
Countries

756 kB
Transfer

1419 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://metro-portal.hr/kineski-horoskop-za-godinu-stakora-2020/123328
Title: Kineski

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://relay-hr.ads.httpool.com/ HTTP 303
http://tas-hr.toboads.com/js/adi-ec561a14.js

Request Chain 26

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 28

http://clevernt.com/scripts/d7399cd417e6e4d1bddcefc775da1bfe.min.js?20200210=1615537691883 HTTP 301
https://clevernt.com/scripts/d7399cd417e6e4d1bddcefc775da1bfe.min.js?20200210=1615537691883

Request Chain 32

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=30551101&utmhn=m.metro-portal.hr&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Metro-portal.hr&utmhid=902644103&utmr=-&utmp=%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%2525C5%2525A1e&utmht=1615537692085&utmac=UA-3683590-1&utmcc=__utma%3D136159085.468324314.1615537692.1615537692.1615537692.1%3B%2B__utmz%3D136159085.1615537692.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1264029513&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=30551101&utmhn=m.metro-portal.hr&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Metro-portal.hr&utmhid=902644103&utmr=-&utmp=%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%2525C5%2525A1e&utmht=1615537692085&utmac=UA-3683590-1&utmcc=__utma%3D136159085.468324314.1615537692.1615537692.1615537692.1%3B%2B__utmz%3D136159085.1615537692.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1264029513&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3683590-1&cid=468324314.1615537692&jid=1264029513&_v=5.7.2&z=30551101

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set Va%C5%A1e Show response
m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/ 37 KB
8 KB 664ms
431ms Document
text/html 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to

Full URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 1f8cdcf17dbb32e795c4f9198473e1d40a26baf350ee607e7899eac400a511a3

Request headers

Host: m.metro-portal.hr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Server: Apache
Set-Cookie: ButlerCMG=85bd63e1817ffd14a6e654a693a72611; expires=Mon, 12-Mar-2046 14:24:07 GMT; path=/
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: User-Agent,Accept-Encoding
Content-Encoding: gzip
Content-Length: 7952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK screen.css
m.metro-portal.hr/css/default/ 73 KB
16 KB 137ms
136ms Stylesheet
text/css 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to

Full URL: http://m.metro-portal.hr/css/default/screen.css?v=6793
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 83d589d1e8888e7c0cb4aeecbb3732efb48eb4594e02907d5deac14574042725

Request headers

Referer: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Sep 2018 15:55:35 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16389
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

377ee7092af19c39daed104f096ab955a8dcd5bb4d7c4d7922fea197336bea65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 12 Mar 2021 08:28:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13439632224215961392
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49997
X-XSS-Protection: 0
Expires: Fri, 12 Mar 2021 08:28:11 GMT

GET
H/1.1 200
OK cokoladno_mlijeko.jpg
metro-portal.hr/img/repository/2011/06/small_thumb/ 2 KB
3 KB 365ms
235ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2011/06/small_thumb/cokoladno_mlijeko.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 083927a73b571f6cc506f3ca17b7e317f65790e09e7cdcd28ad70923fef66269

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Fri, 24 Jun 2011 10:07:49 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2262
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK marko_dajak.jpg
metro-portal.hr/img/repository/2021/03/small_thumb/ 2 KB
2 KB 364ms
234ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2021/03/small_thumb/marko_dajak.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 21a212be04df0c9e497c781c8f92f72f5516c387b41726cb17f28cb8b5e6071b

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Thu, 11 Mar 2021 16:20:35 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1968
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK geisterkusse.jpg
metro-portal.hr/img/repository/2021/03/small_thumb/ 3 KB
3 KB 363ms
233ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2021/03/small_thumb/geisterkusse.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 516a574360595078eb209ae3863e798612b2c3cf5eb175aeb7f8041e5e27a8cc

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Thu, 11 Mar 2021 16:15:49 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2841
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK jutarnji_koncert.jpg
metro-portal.hr/img/repository/2008/04/small_thumb/ 2 KB
3 KB 364ms
235ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2008/04/small_thumb/jutarnji_koncert.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 5d412f91d05c62139260d3a87aa69d8d5a8d29a257be963bf940e82e3f0d5bc0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Sun, 20 Apr 2008 23:10:40 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2516
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK kviz_opceg_znanja_fak.jpg
metro-portal.hr/img/repository/2015/11/small_thumb/ 2 KB
3 KB 367ms
238ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2015/11/small_thumb/kviz_opceg_znanja_fak.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: a8223c68e1f625d02cd4919cd5b35c1065624f2cb20f6e2c72f4354e41d4521e

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Mon, 16 Nov 2015 12:24:02 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2502
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK kazaliste.jpg
metro-portal.hr/img/repository/2010/06/small_thumb/ 3 KB
3 KB 364ms
236ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2010/06/small_thumb/kazaliste.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 589a380fb8c947f9988d8e6eae6eacb31c420ed65ee6b96f262b0ca37712b65c

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Sun, 06 Jun 2010 22:18:02 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3119
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK zemlja.jpg
metro-portal.hr/img/repository/2008/11/small_thumb/ 2 KB
3 KB 132ms
129ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2008/11/small_thumb/zemlja.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 54c2ac22f739c050300c6d4bbf3f4946ee063cb6ed71d14016d863ae959b41a3

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Mon, 10 Nov 2008 11:11:16 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2400
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK 012_ribe_x.png
metro-portal.hr/img/repository/2016/12/small_thumb/ 5 KB
5 KB 130ms
128ms Image
image/png 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2016/12/small_thumb/012_ribe_x.png
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 01a2395f9949430848ce6ed57b626af0ababf86577480be2fb43454da9db30a7

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Fri, 30 Dec 2016 13:27:22 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4981
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK zg_film_skola_zghr_sk.jpg
metro-portal.hr/img/repository/2009/10/small_thumb/ 2 KB
3 KB 129ms
128ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2009/10/small_thumb/zg_film_skola_zghr_sk.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 3e230f734499d1d4f410a677665c490aaf47d122d723ca115d79e7574baf4083

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Mon, 05 Oct 2009 17:45:23 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2480
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK bongacams.jpg
metro-portal.hr/img/repository/2021/02/small_thumb/ 2 KB
3 KB 130ms
129ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2021/02/small_thumb/bongacams.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 0a284b9f7afeee461daca8e0e1f6863e61f2bbc2c3873796616b246e6b855d2a

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Fri, 26 Feb 2021 05:47:08 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2410
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK vjezbanje__1aa.jpg
metro-portal.hr/img/repository/2016/12/small_thumb/ 2 KB
2 KB 128ms
127ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2016/12/small_thumb/vjezbanje__1aa.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: f63a9965c7f8548b05e66ef8038ddbf1dc7b6d95f0c6c7acead015145d11b159

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Wed, 28 Dec 2016 13:07:55 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2047
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK pas_banija.jpg
metro-portal.hr/img/repository/2021/02/small_thumb/ 3 KB
3 KB 142ms
142ms Image
image/jpeg 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://metro-portal.hr/img/repository/2021/02/small_thumb/pas_banija.jpg
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 8b5e8427614bb381eb33699e3eff97d2462173d9e6040dfcb559f475b85cc617

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Tue, 02 Feb 2021 15:31:03 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2596
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1 200
OK script.js Show response
m.metro-portal.hr/js/default/ 160 KB
50 KB 282ms
259ms Script
application/javascript 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to

Full URL: http://m.metro-portal.hr/js/default/script.js?v=6786
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: 1df6ff8c1724818f6bad6fadfe68eeaa7d9abd1cbfa430b3d123ce45164bbef1

Request headers

Referer: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2013 10:56:51 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51293
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H/1.1

200
OK

adi-ec561a14.js Show response
tas-hr.toboads.com/js/
Redirect Chain

http://relay-hr.ads.httpool.com/
http://tas-hr.toboads.com/js/adi-ec561a14.js

121 KB
121 KB

131ms
61ms

Script
text/javascript

91.209.18.100
HTTPOOL-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tas-hr.toboads.com/js/adi-ec561a14.js
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI),
Reverse DNS: tas.toboads.com
Software: nginx / PHP/7.1.13
Resource Hash: cc96184499473170e6e815ba36a1247178102a395a399a0370641fad71e8adde

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:28:11 GMT
Last-Modified: Mon, 01 Mar 2021 11:02:58 GMT
Server: nginx
X-Powered-By: PHP/7.1.13
ETag: W/"ebadc3b25a8662991415a39814ec4260"
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="httpool"
Cache-Control: private, max-age=21254400
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Expires: Tue, 02 Nov 2021 11:02:58 GMT

Redirect headers

Date: Fri, 12 Mar 2021 08:28:11 GMT
Last-Modified: Fri, 12 Mar 2021 08:28:11 GMT
Server: nginx
X-Powered-By: PHP/7.1.13
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: http://tas-hr.toboads.com/js/adi-ec561a14.js
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection: keep-alive

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/ 225 KB
85 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9851925040537935&plah=m.metro-portal.hr&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86491
x-xss-protection: 0
server: cafe
etag: 16470564300944896599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 12 Mar 2021 08:28:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/ Frame B1DF 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210309/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210309/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://m.metro-portal.hr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://m.metro-portal.hr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Mar 2021 23:47:12 GMT
expires: Thu, 25 Mar 2021 23:47:12 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 31259
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK spriteBg-merge-header-darker.png
m.metro-portal.hr/css/default/images3/ 210 KB
210 KB 132ms
131ms Image
image/png 66.154.14.98
SUBHOST-AS-IN Sub...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://m.metro-portal.hr/css/default/images3/spriteBg-merge-header-darker.png
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/css/default/screen.css?v=6793
Protocol: HTTP/1.1
Server: 66.154.14.98 Atlanta, United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software: Apache /
Resource Hash: fc1c4f019aa85a0b5b3ce645edbf520a263c02fc340f46a0350c9501f9847f46

Request headers

Referer: http://m.metro-portal.hr/css/default/screen.css?v=6793
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:24:07 GMT
Last-Modified: Wed, 19 Sep 2018 15:44:17 GMT
Server: Apache
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 214557
Expires: Sun, 11 Apr 2021 08:24:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 205 B
263 B 48ms
47ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=m.metro-portal.hr&callback=_gfp_s_&client=ca-pub-9851925040537935

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210309/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9851925040537935&plah=m.metro-portal.hr&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

aa064f60029ed8ac0e5358d107eb9ec9652260d8aa79064509a4c3696983b773

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=m.metro-portal.hr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 08:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=m.metro-portal.hr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 08:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9AB5 399 B
330 B 160ms
142ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&h=90&slotname=8692560791&adk=1977490785&adf=232845064&pi=t.ma~as.8692560791&w=728&lmt=1615537691&psa=0&format=728x90&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691596&bpp=10&bdt=257&idt=148&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6100724671805&frm=20&pv=2&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=441&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HD9nkAcUTY&p=http%3A//m.metro-portal.hr&dtd=189

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8392f656c7ee13bc6234a9c597d5eba88d1738ff871cab910828f9d51ecaa095

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9851925040537935&output=html&h=90&slotname=8692560791&adk=1977490785&adf=232845064&pi=t.ma~as.8692560791&w=728&lmt=1615537691&psa=0&format=728x90&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691596&bpp=10&bdt=257&idt=148&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6100724671805&frm=20&pv=2&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=441&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=HD9nkAcUTY&p=http%3A//m.metro-portal.hr&dtd=189
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://m.metro-portal.hr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://m.metro-portal.hr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 08:28:11 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 08:43:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 08:28:11 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615378846156468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28222
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:28:11 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A779 399 B
227 B 212ms
211ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&h=250&slotname=0596312511&adk=2348534486&adf=518088063&pi=t.ma~as.0596312511&w=300&lmt=1615537691&psa=0&format=300x250&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691704&bpp=3&bdt=364&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=327&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=287S2CFnLw&p=http%3A//m.metro-portal.hr&dtd=124

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea027b102c2e77c01dad813af6f05c03d0cda07f503a7889170d3590ccbc1f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9851925040537935&output=html&h=250&slotname=0596312511&adk=2348534486&adf=518088063&pi=t.ma~as.0596312511&w=300&lmt=1615537691&psa=0&format=300x250&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691704&bpp=3&bdt=364&idt=120&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=327&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=287S2CFnLw&p=http%3A//m.metro-portal.hr&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://m.metro-portal.hr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://m.metro-portal.hr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 08:28:12 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 08:43:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 08:28:12 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DE3 399 B
269 B 141ms
134ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&h=250&slotname=0596312511&adk=2348534486&adf=4096898513&pi=t.ma~as.0596312511&w=300&lmt=1615537691&psa=0&format=300x250&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691730&bpp=1&bdt=390&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=1059&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=nJTE0Ikqv7&p=http%3A//m.metro-portal.hr&dtd=132

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbb30f3dbcbefadc28d2084e41c4a7247ef180bb7a252361e9b3fd94266aa6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9851925040537935&output=html&h=250&slotname=0596312511&adk=2348534486&adf=4096898513&pi=t.ma~as.0596312511&w=300&lmt=1615537691&psa=0&format=300x250&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&flash=0&wgl=1&dt=1615537691730&bpp=1&bdt=390&idt=108&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=989&ady=1059&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=nJTE0Ikqv7&p=http%3A//m.metro-portal.hr&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://m.metro-portal.hr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://m.metro-portal.hr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 12 Mar 2021 08:28:12 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 08:43:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 08:28:12 GMT
cache-control: private

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

19ms
18ms

Script
text/javascript

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2755
date: Fri, 12 Mar 2021 07:42:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 12 Mar 2021 09:42:17 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK door.js Show response
test-script.dotmetrics.net/ 7 KB
3 KB 104ms
70ms Script
application/javascript 34.241.3.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://test-script.dotmetrics.net/door.js?id=2104
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: HTTP/1.1
Server: 34.241.3.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-3-199.eu-west-1.compute.amazonaws.com
Software: Kestrel /
Resource Hash: 600120ff9a14cae4799b180b826f30fb9cdf50691334bd702e974ff167598dee

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 12 Mar 2021 08:28:11 GMT
Content-Encoding: gzip
Server: Kestrel
ETag: "2104...176.2021031208"
Vary: Accept-Encoding
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript

GET
H2

200

d7399cd417e6e4d1bddcefc775da1bfe.min.js Show response
clevernt.com/scripts/
Redirect Chain

http://clevernt.com/scripts/d7399cd417e6e4d1bddcefc775da1bfe.min.js?20200210=1615537691883
https://clevernt.com/scripts/d7399cd417e6e4d1bddcefc775da1bfe.min.js?20200210=1615537691883

120 KB
49 KB

50ms
21ms

Script
text/javascript

2606:4700:20::681a:a75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/d7399cd417e6e4d1bddcefc775da1bfe.min.js?20200210=1615537691883
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f0fcac848f4053e1118dec0d2cda51352bfc8e52ee35814c6aa3564fc0c6d8f

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3292
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JP3BWJAASDSK18DJ
x-amz-id-2: YCDOCyig7u1Nj6WX2QMjK2QkBJASxKIPPcahrXsbZ4CTNCnqXUZnVsQhG4C7fLovbA6CABZ2kfo=
last-modified: Fri, 12 Mar 2021 03:18:20 GMT
server: cloudflare
etag: W/"ea6623f69072d31d7decb564ef175e31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kyi4a8%2BRXcXpubqRsJCNfNqh1ukxCnjBJfC2Mobet2v4mPFOLjcknQ%2BGZwXH8ar3Nk7ZsV2cGoZUOMeHzy8m2gTqZRaOIL8Z9h7N1xu08i5mj1NdpR19nOE%3D"}],"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=1800
cf-request-id: 08c725f59500004ac3db244000000001
cf-ray: 62eba5cf5ae34ac3-FRA

Redirect headers

Date: Fri, 12 Mar 2021 08:28:11 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xqc8X4urfZjUABEk9%2FNVqv4xHe5fTxr%2BikP3sO4gnqisrnG9RnNQPnJteCs1GqzH10FWiY9TYchDuLsa6k88lB9Vg%2FRHSpJDRjFbtJXfJqzE2rePKSBl0ng%3D"}],"group":"cf-nel","max_age":604800}
Location: https://clevernt.com/scripts/d7399cd417e6e4d1bddcefc775da1bfe.min.js?20200210=1615537691883
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 62eba5ce6e1cc2b8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c725f5020000c2b83aae2000000001
Expires: Fri, 12 Mar 2021 09:28:11 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 921E 0
549 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9851925040537935&output=html&adk=1812271804&adf=3025194257&lmt=1615537691&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&ea=0&flash=0&pra=7&wgl=1&dt=1615537691884&bpp=1&bdt=544&idt=2&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&nras=1&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=25

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9851925040537935&output=html&adk=1812271804&adf=3025194257&lmt=1615537691&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&ea=0&flash=0&pra=7&wgl=1&dt=1615537691884&bpp=1&bdt=544&idt=2&shv=r20210309&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250%2C300x250&nras=1&correlator=6100724671805&frm=20&pv=1&ga_vid=468324314.1615537692&ga_sid=1615537692&ga_hid=902644103&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3505950415909618&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://m.metro-portal.hr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://m.metro-portal.hr/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 12 Mar 2021 08:28:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 08:43:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 08:28:11 GMT
cache-control: private

GET
H2 200 hit.gif
script.dotmetrics.net/ 43 B
737 B 119ms
51ms Image
image/gif 65.9.58.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://script.dotmetrics.net/hit.gif?id=2104&url=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&dom=m.metro-portal.hr&r=1615537692052&pvs=1&pvid=km61fh5g4d4n0zh1wc&c=true
Requested by: Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
dotmetrics-hit-status: 05 DOMAIN_INVALID
server: Kestrel
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: Cu6agmDnI6KuKFZXCGa-EBNt2KPanBgqLyWwH5mlu7XNtRbeAljm_A==

GET
H/1.1 200
OK adl-d9566a3e.js Show response
tas-hr.toboads.com/js/ 235 B
626 B 61ms
59ms Script
text/javascript 91.209.18.100
HTTPOOL-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tas-hr.toboads.com/js/adl-d9566a3e.js?b=1&rq=217a042c-8c2c-12cc-612c-5c51950b07fa&vt=7f5417de-bef0-4af5-b2f9-dde521e16520&isf=false&zn=aa58dee92&tm=0&af=600x0&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=1&srf=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&loc=eq-srf&rn=7c24ccce-f9f9-46f3-6205-edee729a9675&ct=402e460c-d391-f257-aeb4-a48029be4ef0&c=hA_c_0_76be3463&ah=0&
Requested by: Host:
URL: webpack:///../javascript/src/WindowManager.js?
Protocol: HTTP/1.1
Server: 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI),
Reverse DNS: tas.toboads.com
Software: nginx / PHP/7.1.13
Resource Hash: 3eb61f15a8503876d4c34a624beb14b12530d57056d681237c8fd7ff6719c3c8

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Mar 2021 08:28:12 GMT
Last-Modified: Fri, 12 Mar 2021 08:28:12 GMT
Server: nginx
X-Powered-By: PHP/7.1.13
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="httpool"
Cache-Control: private, max-age: 0
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Mar 2021 07:28:12 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=30551101&utmhn=m.metro-portal.hr&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Metro...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=30551101&utmhn=m.metro-portal.hr&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Metr...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3683590-1&cid=468324314.1615537692&jid=1264029513&_v=5.7.2&z=30551101

35 B
100 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3683590-1&cid=468324314.1615537692&jid=1264029513&_v=5.7.2&z=30551101

Requested by

Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Mar 2021 08:28:12 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Mar 2021 08:28:12 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-3683590-1&cid=468324314.1615537692&jid=1264029513&_v=5.7.2&z=30551101
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 367
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adl-d9566a3e.js Show response
tas-hr.toboads.com/js/ 235 B
626 B 92ms
73ms Script
text/javascript 91.209.18.100
HTTPOOL-NET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tas-hr.toboads.com/js/adl-d9566a3e.js?b=2&rq=217a042c-8c2c-12cc-612c-5c51950b07fa&vt=7f5417de-bef0-4af5-b2f9-dde521e16520&isf=false&zn=a2f08c266&tm=0&af=0x0&fv=undefined&nw=0&co=1&vh=1200&vw=1600&asc=1&srf=http%3A%2F%2Fm.metro-portal.hr%2Fusers%2Factivate%2FHowtoTurn30000into128000httpdcshru.rujhvc1535%2F2e6b96d8d1c5cfc85b1f4c9b6f37bad4%2FVa%25C5%25A1e&loc=eq-srf&rn=f702fad3-de0c-7d46-87d8-1a55edcf0049&ct=5c82529d-b58c-c872-d301-d84a3e519df5&c=hA_c_1_b8e31aba&ah=0&
Requested by: Host:
URL: webpack:///../javascript/src/WindowManager.js?
Protocol: HTTP/1.1
Server: 91.209.18.100 , Slovenia, ASN8558 (HTTPOOL-NET-AS, SI),
Reverse DNS: tas.toboads.com
Software: nginx / PHP/7.1.13
Resource Hash: 38e662fec19075dc508222de1f90fcf374a597a5974dcc3caaa444fde2823ae0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Mar 2021 08:28:12 GMT
Last-Modified: Fri, 12 Mar 2021 08:28:12 GMT
Server: nginx
X-Powered-By: PHP/7.1.13
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="httpool"
Cache-Control: private, max-age: 0
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 12 Mar 2021 07:28:12 GMT

GET
H2 200 docallbackinfoc9de285b7b964df298901e0a1f18f72d.js Show response
ui.clevernt.com/ 695 B
1019 B 206ms
69ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfoc9de285b7b964df298901e0a1f18f72d.js

Requested by

Host: m.metro-portal.hr
URL: http://m.metro-portal.hr/users/activate/HowtoTurn30000into128000httpdcshru.rujhvc1535/2e6b96d8d1c5cfc85b1f4c9b6f37bad4/Va%C5%A1e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

host-109.clevernetwork.pt

Software

nginx /

Resource Hash

ccf155393e816d914bf63772e3df95c539106b92777c708f00e27c582fb1da50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Fri, 12 Mar 2021 09:28:12 GMT

GET
H2 200 script.js Show response
script.dotmetrics.net/Scripts/ 76 KB
34 KB 61ms
60ms Script
application/javascript 65.9.58.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.dotmetrics.net/Scripts/script.js?v=176
Requested by: Host: test-script.dotmetrics.net
URL: http://test-script.dotmetrics.net/door.js?id=2104
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fa92512bfdaeac894f6a39dc3900f5d160fd109f67604e6c6e87136b5fbb485e

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: br
last-modified: Wed, 23 Dec 2020 10:33:50 GMT
server: Kestrel
x-amz-cf-pop: FRA56-C1
etag: "1d6d9171a220aad"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: AnlT_NxBNrB_lsFSltZsM9Q7g0XuY_qHPt2afFeKZUptJk9Iw3z8Ew==

GET
H2 200 adexConfig.js Show response
adex.dotmetrics.net/ 6 KB
6 KB 152ms
50ms Script
text/javascript 108.128.81.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adex.dotmetrics.net/adexConfig.js?v=176&id=2104
Requested by: Host: test-script.dotmetrics.net
URL: http://test-script.dotmetrics.net/door.js?id=2104
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.81.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-81-149.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fc7c55ab41cede707fd0eebadb093452e5cfba8de4569048076931fdf98b66fb

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
etag: "2104.35"
last-modified: Mon, 22 Mar 2021 08:28:12 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://adex.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
cache-control: private
content-type: text/javascript; charset=utf-8
content-length: 5806

GET
H2 200 adexScript.v8.js Show response
adex.dotmetrics.net/Scripts/ 29 KB
10 KB 52ms
52ms Script
application/javascript 108.128.81.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adex.dotmetrics.net/Scripts/adexScript.v8.js?v=35
Requested by: Host: adex.dotmetrics.net
URL: https://adex.dotmetrics.net/adexConfig.js?v=176&id=2104
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.81.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-81-149.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 1b1ac6999f83b2bee4c0bd82f740261dcbde632c28414bd924de390d33db23c5

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: gzip
etag: "097ae71d17d71:0"
last-modified: Fri, 12 Mar 2021 07:00:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 10484

GET
H2 200 SiteEvent.dotmetrics Show response
script.dotmetrics.net/ 18 B
728 B 53ms
53ms Script
application/javascript 65.9.58.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MjEwNCwiZmwiOnRydWUsImRvbSI6Im0ubWV0cm8tcG9ydGFsLmhyIiwiZnNvIjpudWxsLCJsc28iOm51bGwsInVybCI6Imh0dHA6Ly9tLm1ldHJvLXBvcnRhbC5oci91c2Vycy9hY3RpdmF0ZS9Ib3d0b1R1cm4zMDAwMGludG8xMjgwMDBodHRwZGNzaHJ1LnJ1amh2YzE1MzUvMmU2Yjk2ZDhkMWM1Y2ZjODViMWY0YzliNmYzN2JhZDQvVmElQzUlQTFlIiwicnVybCI6IiIsInB2cyI6MSwicHZpZCI6ImttNjFmaDVnNGQ0bjB6aDF3YyIsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1615537692341
Requested by: Host: script.dotmetrics.net
URL: https://script.dotmetrics.net/Scripts/script.js?v=176
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 7153de840f0ead8b0b5015d3f47ae25c347476e0a24b851bb5ab0831c58a0226

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: application/javascript
x-amz-cf-id: 3wBpHJjNUyWp7vXCiWDI-k4o8zHJL-OrWp9BmyqvmJN6EiXvrCX3sQ==

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210309&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a8f5eb2c78d7c791813e4a325e48b3a5bddba5d727e5dd9da7bc57e357b85d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6618
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 12 Mar 2021 08:28:12 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C0F3 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://m.metro-portal.hr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://m.metro-portal.hr/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 12 Mar 2021 08:15:37 GMT
expires: Sat, 12 Mar 2022 08:15:37 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 755
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js Show response
pagead2.googlesyndication.com/bg/ Frame C0F3 14 KB
6 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 08:11:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 17:45:00 GMT
server: sffe
age: 973
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5732
x-xss-protection: 0
expires: Sat, 12 Mar 2022 08:11:59 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210309&jk=3505950415909618&bg=!SUqlSgnNAAUO7zDoDjsAKQB2-Dxanin2jBsNc1ofPYmIvnKlXiTR_FMDMRGMzySwBIXkEcXPXUlzAgAAAHlSAAAACmgBBwoAkYPtu-dyDxcRKmJAKq_SywmlFKGUD6wwgfAC24BaNgW9UfDjljPKnHfBMzPbmQP9b853j5u2u7h4G4B8mxL9vx3YjbwqCzYxBvPPEBXfMeIMVgB_ZfX387f-An8p8-0feNCC0B-bryJj-wDSKRaa9CMUXMyKpjmQyWmzczcXtm5jBNUliVDXxQISYtL4aXzoLtKZAgjYHANYOheuA24HxC-zPjLeltfsE0xwtwDGagO5SsF_FNAjVffSEmvUkjTd1IfrCTziBWAuMIuXcvNmMsoXPQLYk72l7EcrwndnuOHaF8u52hIpRHDMDouER8XHRb-zq5NSV6yrJt8vsrjkAcktDlGcli51oBCnAqREh6Bnn7BUXCmdRDdpuGDyt7g74dy84yOAC4V-uK3MgSFZxIGgdYsJCcs2957hXBgw8_Ol7dimPlgDRElZcgAux-eLLGHTMZGcJ8cwpzobNVp3Iwy_CdcmuRHQf6KuCSnCeXlOFc3q8n-GEIjy07epWcPU1vywnJyZVp5ZYXgNzt30d-IuHKfPuaLITttdl8oKlD8kHHEi93jjCut45W1bAhvxH6YL1FnjHbOPsa5Vg8ABA0HZ3lgnbIkOA74lJ0QGlSCRJtyjoa5yLHqCzcX_uW0R1isWr1JwHSx6KjUX5RwvfhDuiiu5aXk_OSlfEjBwlMi3u631Lx7pqz2QwQoMIm1RRw1t3zoixjtoFjCBML15vqHuC50ZOV1s384MJQuqFBcc9G5gvQ_0BobkyXEfdfgNEMGJm_5OtsA4zf5_RsN5b5QBvZQBojODHG5eexgglLPsByiowW-PrWgenH8hEq-Rez24BuOsHIgXFSOUTZtztL1I5n26bBYMrYejLZRID5fHGKSoSSn79CzDizzg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://m.metro-portal.hr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 08:28:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:45:38	Name: test_cookie Value: CheckForPermission
m.metro-portal.hr/	1970-01-19 16:45:39	Name: DM_SitId108SecIdT2104 Value: true
m.metro-portal.hr/	1970-01-19 16:45:39	Name: DM_SitIdT108 Value: true
m.metro-portal.hr/	1969-12-31 23:59:59	Name: DM_SitId108 Value: true
.m.metro-portal.hr/	1970-01-20 10:16:49	Name: __utma Value: 136159085.468324314.1615537692.1615537692.1615537692.1
.metro-portal.hr/	1970-01-20 02:07:13	Name: __gads Value: ID=24ccf7cf080188e8-22fbfc810da70092:T=1615537691:RT=1615537691:S=ALNI_MaXgCfJtaWipr2Z2ANud0RSghriog
.m.metro-portal.hr/	1970-01-19 16:45:38	Name: __utmt Value: 1
.m.metro-portal.hr/	1970-01-19 16:45:39	Name: __utmb Value: 136159085.1.10.1615537692
m.metro-portal.hr/	1969-12-31 23:59:59	Name: DM_SitId108SecId2104 Value: true
.m.metro-portal.hr/	1970-01-19 21:08:25	Name: __utmz Value: 136159085.1615537692.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
m.metro-portal.hr/	1970-01-28 19:54:37	Name: ButlerCMG Value: 85bd63e1817ffd14a6e654a693a72611
m.metro-portal.hr/	1970-01-20 01:31:13	Name: cb-enabled Value: enabled
.m.metro-portal.hr/	1969-12-31 23:59:59	Name: __utmc Value: 136159085

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adex.dotmetrics.net
adservice.google.com
adservice.google.de
clevernt.com
googleads.g.doubleclick.net
m.metro-portal.hr
metro-portal.hr
pagead2.googlesyndication.com
partner.googleadservices.com
relay-hr.ads.httpool.com
script.dotmetrics.net
stats.g.doubleclick.net
tas-hr.toboads.com
test-script.dotmetrics.net
tpc.googlesyndication.com
ui.clevernt.com
www.google-analytics.com
www.googletagservices.com
108.128.81.149
148.69.64.109
172.217.18.98
2606:4700:20::681a:a75
2a00:1450:4001:800::2001
2a00:1450:4001:801::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9a
34.241.3.199
65.9.58.48
66.154.14.98
91.209.18.100
91.209.18.90
01a2395f9949430848ce6ed57b626af0ababf86577480be2fb43454da9db30a7
083927a73b571f6cc506f3ca17b7e317f65790e09e7cdcd28ad70923fef66269
0a284b9f7afeee461daca8e0e1f6863e61f2bbc2c3873796616b246e6b855d2a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b1ac6999f83b2bee4c0bd82f740261dcbde632c28414bd924de390d33db23c5
1df6ff8c1724818f6bad6fadfe68eeaa7d9abd1cbfa430b3d123ce45164bbef1
1f8cdcf17dbb32e795c4f9198473e1d40a26baf350ee607e7899eac400a511a3
21a212be04df0c9e497c781c8f92f72f5516c387b41726cb17f28cb8b5e6071b
3763a8975fcfa164fadcbc035780a147f75434ecaf79f33c1f3d0221477458cb
377ee7092af19c39daed104f096ab955a8dcd5bb4d7c4d7922fea197336bea65
38e662fec19075dc508222de1f90fcf374a597a5974dcc3caaa444fde2823ae0
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3e230f734499d1d4f410a677665c490aaf47d122d723ca115d79e7574baf4083
3eb61f15a8503876d4c34a624beb14b12530d57056d681237c8fd7ff6719c3c8
495b316cdda6e7b6ce663bb9eeeee0cf6f7f6e5969d0a6c1fe39307cbdb9d686
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
516a574360595078eb209ae3863e798612b2c3cf5eb175aeb7f8041e5e27a8cc
54c2ac22f739c050300c6d4bbf3f4946ee063cb6ed71d14016d863ae959b41a3
589a380fb8c947f9988d8e6eae6eacb31c420ed65ee6b96f262b0ca37712b65c
5a8f5eb2c78d7c791813e4a325e48b3a5bddba5d727e5dd9da7bc57e357b85d4
5d412f91d05c62139260d3a87aa69d8d5a8d29a257be963bf940e82e3f0d5bc0
600120ff9a14cae4799b180b826f30fb9cdf50691334bd702e974ff167598dee
6f0fcac848f4053e1118dec0d2cda51352bfc8e52ee35814c6aa3564fc0c6d8f
7153de840f0ead8b0b5015d3f47ae25c347476e0a24b851bb5ab0831c58a0226
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8392f656c7ee13bc6234a9c597d5eba88d1738ff871cab910828f9d51ecaa095
83d589d1e8888e7c0cb4aeecbb3732efb48eb4594e02907d5deac14574042725
8b5e8427614bb381eb33699e3eff97d2462173d9e6040dfcb559f475b85cc617
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8223c68e1f625d02cd4919cd5b35c1065624f2cb20f6e2c72f4354e41d4521e
aa064f60029ed8ac0e5358d107eb9ec9652260d8aa79064509a4c3696983b773
bbb30f3dbcbefadc28d2084e41c4a7247ef180bb7a252361e9b3fd94266aa6c7
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
cc96184499473170e6e815ba36a1247178102a395a399a0370641fad71e8adde
ccf155393e816d914bf63772e3df95c539106b92777c708f00e27c582fb1da50
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea027b102c2e77c01dad813af6f05c03d0cda07f503a7889170d3590ccbc1f33
f63a9965c7f8548b05e66ef8038ddbf1dc7b6d95f0c6c7acead015145d11b159
fa92512bfdaeac894f6a39dc3900f5d160fd109f67604e6c6e87136b5fbb485e
fc1c4f019aa85a0b5b3ce645edbf520a263c02fc340f46a0350c9501f9847f46
fc7c55ab41cede707fd0eebadb093452e5cfba8de4569048076931fdf98b66fb

m.metro-portal.hr Open in urlscan Pro 66.154.14.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

53 %HTTPS

56 %IPv6

12 Domains

18 Subdomains

17 IPs

6 Countries

756 kBTransfer

1419 kBSize

13 Cookies

1 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

m.metro-portal.hr Open in urlscan Pro
66.154.14.98 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

53 %
HTTPS

56 %
IPv6

12
Domains

18
Subdomains

17
IPs

6
Countries

756 kB
Transfer

1419 kB
Size

13
Cookies

45 HTTP transactions
0 data transactions