urlscan.io logo urlscan.io
SecurityTrails logo

metrolagu.click Open in urlscan Pro
2606:4700:3035::ac43:d6e3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ozy.one/
Effective URL: http://metrolagu.click/
Submission: On September 06 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3035::ac43:d6e3, located in United States and belongs to CLOUDFLARENET, US. The main domain is metrolagu.click.
This is the only time metrolagu.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3035::ac43:bd7c (United States)

ASN13335 (CLOUDFLARENET, US)
ozy.one
3    2606:4700:3035::ac43:d6e3 (United States)

ASN13335 (CLOUDFLARENET, US)
metrolagu.click
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
16    2a00:1450:4001:809::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
Apex Domain
Subdomains		 Transfer
16 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
249 KB
3 imgur.com
i.imgur.com — Cisco Umbrella Rank: 4706
41 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
ajax.googleapis.com — Cisco Umbrella Rank: 480
32 KB
3 metrolagu.click
metrolagu.click
269 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
54 KB
2 ozy.one
ozy.one
1 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
44 KB
29 8
Domain Requested by
16 i.ytimg.com metrolagu.click
3 i.imgur.com metrolagu.click
3 metrolagu.click metrolagu.click
2 www.youtube.com metrolagu.click
www.youtube.com
2 fonts.googleapis.com metrolagu.click
2 ozy.one 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com metrolagu.click
1 ajax.googleapis.com metrolagu.click
29 9

This site contains links to these domains. Also see Links.

Domain
albums.work
stafaband.ozy.one
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
*.metrolagu.click
E1		 2022-08-26 -
2022-11-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://metrolagu.click/
Frame ID: 372C710E38F0B82C2EB4C875F6280008
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

METROLAGU - Download MP3 Music Free

Page URL History Show full URLs

  1. http://ozy.one/ HTTP 301
    https://ozy.one/ HTTP 301
    http://metrolagu.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

706 kB
Transfer

1234 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ozy.one/ HTTP 301
    https://ozy.one/ HTTP 301
    http://metrolagu.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
metrolagu.click/
Redirect Chain
  • http://ozy.one/
  • https://ozy.one/
  • http://metrolagu.click/
42 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://metrolagu.click/
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:d6e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
175c515e3e4cf63e2e2091a67f03299f8e3668cc588a4355272d358e2ff2d948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7463f5db3d699b34-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 06 Sep 2022 03:01:29 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skuWSU8NMGQfakmv4qd4YDYpxBNWQa%2BzmM6YRKv%2FCF%2B5oAbWVuP9vAMRrxbl1DIWwQ4VHZwsmoRlvOi6rR%2FR28GoEMd0KTRET81g%2FYIy6uDScAzhB4wq582iCtiGWwaRe7xw02eGv8wSPxkvJFc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
strict-transport-security
max-age=31536000

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7463f5d9af8a9b6a-FRA
content-type
text/html
date
Tue, 06 Sep 2022 03:01:29 GMT
location
http://metrolagu.click/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyfhHnBLyclgbTHk82zUSLovpBEaecpWtK9bvTNKZPlL3RQOJB%2FyzLv%2BuYE%2FkBcmmeOWN2x0pfnS%2BRd08UpCeo44qsSlSTunMWDl9WVh0mgYIEuZjy0Do5%2BDMdVHugqr%2FblzRqHH"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
css
fonts.googleapis.com/ 		702 B
870 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One:400,600,300&display:swap
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba967e544d06616196f49d15433f600b48224f12b4305e87f07138d194b3dc8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 03:01:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 03:01:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 03:01:29 GMT
css
fonts.googleapis.com/ 		8 KB
785 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300&display:swap
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 06 Sep 2022 02:43:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 06 Sep 2022 03:01:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 06 Sep 2022 03:01:29 GMT
CLgXF3C.png
i.imgur.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/CLgXF3C.png
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fd4819d885b83f5f411a1ab63e6b85a3ac563796e96b402a6d80fa126ba8811e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:29 GMT
x-content-type-options
nosniff
age
2996895
x-cache
HIT, HIT
content-length
26738
x-served-by
cache-iad-kjyo7100050-IAD, cache-hhn4027-HHN
last-modified
Fri, 29 Jul 2022 20:19:12 GMT
server
cat factory 1.0
x-timer
S1662433290.781504,VS0,VE1
etag
"ddede18fdd6e5602e5fc9a0eebd87847"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
quv5PNl.png
i.imgur.com/ 		129 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/quv5PNl.png
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e2c075b81c59f59ad1e0ebeaa5cc378469e286fb67371b6de206f695ab0e42f3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:29 GMT
x-content-type-options
nosniff
age
2309295
x-cache
HIT, HIT
content-length
129
x-served-by
cache-iad-kjyo7100100-IAD, cache-hhn4027-HHN
last-modified
Mon, 25 Jul 2022 09:55:13 GMT
server
cat factory 1.0
x-timer
S1662433290.781598,VS0,VE1
etag
"0ec30fa0a052639a925e65b2ec9daf82"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1318
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Sep 2023 02:39:31 GMT
scripts.min.js
metrolagu.click/themes/metromp3/assets/ 		585 KB
254 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrolagu.click/themes/metromp3/assets/scripts.min.js?v=4654051893
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3035::ac43:d6e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec3b088ad25ed9e083f753e7144d160792578b743e4e6407e7f7be4581bf807

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 03 Sep 2022 20:39:19 GMT
server
cloudflare
etag
W/"6313bb77-925e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fVUIPlQushjowC7Zrd6hvrsqQNs0QOMesXEyv7VM4Ngp7DygpruTioLnrb5Sd73CHrwNps5GwA3m1Fhbzmyqft2f1w38vCZn6pIOfyU4M117Tn9w7EFkrCOXS%2F5xYvpjuNOp7oFaFN06RYtQeg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7463f5dd3f128fc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 06 Oct 2022 03:01:29 GMT
o6hN38w.jpg
i.imgur.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/o6hN38w.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a3487729ac64dcb21150ff7e649c9ce9c72b7e4ee8b51cb09d30ff7ebb35350d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:29 GMT
x-content-type-options
nosniff
age
1718134
x-cache
HIT, HIT
content-length
14483
x-served-by
cache-iad-kjyo7100110-IAD, cache-hhn4027-HHN
last-modified
Fri, 22 Jun 2018 22:34:37 GMT
server
cat factory 1.0
x-timer
S1662433290.856620,VS0,VE1
etag
"34e75e3237a62deb9883988d3b561754"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.2/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.2/fonts/fontawesome-webfont.woff?v=4.0.2
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://metrolagu.click/
Origin
http://metrolagu.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2365089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44436
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-ad90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtiP8%2BirWmI5cSMHbLwsLY2kRT%2BJmAdX7F8lBeHivdSH92jYgkU91cZwiO5avc4Q53qfXZxeBJ%2BfAFiiwmAO0tQR3EVWlq8n3HZpzPAAf5F79XVAgA7NCMacA3IvjGzpQWZPXEaRWZU5Sinm6Hbj5fNi"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7463f5ddd83092b7-FRA
expires
Sun, 27 Aug 2023 03:01:29 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v13/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,600,300&display:swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://metrolagu.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 08:47:43 GMT
x-content-type-options
nosniff
age
497626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16588
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:38:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 08:47:43 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/themes/metromp3/assets/scripts.min.js?v=4654051893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb0d3c853b1ace6ba4878f1e6583a6db4f4b2760001381e52aeda1dc18a61fe2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 06 Sep 2022 03:01:30 GMT
logo-metro.png
metrolagu.click/themes/metromp3/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrolagu.click/themes/metromp3/images/logo-metro.png
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3035::ac43:d6e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7cf5ecf18e26d77887a57f8d6a76e1bde6ec771bb88192678ac0dadc24fbbf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
56094
etag
"63094a97-f8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lixyjB9JyyPh2tiMfQzMdOzYUbhgy1iDjpfXyp1e%2FtUvzIcQKmz9juBJ7H0%2BJHmbxXyIkg%2BwAw9%2FnaxaGxguzsbPwwN%2FCwu9%2Fthh5hjBPJy5Ky7YUk3E0Vq8ZXJr2TwqloBjF%2BioYx2T1v97tRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000, no-transform
accept-ranges
bytes
cf-ray
7463f5e348948fc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3979
expires
Tue, 05 Sep 2023 09:50:22 GMT
mqdefault.jpg
i.ytimg.com/vi/sYJ_t2MiJF0/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/sYJ_t2MiJF0/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d09c37d8c5796e4ffb14d1c82ecfa44debef133ef3180dc6351edb87daf086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:27:04 GMT
x-content-type-options
nosniff
age
2066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17613
x-xss-protection
0
server
sffe
etag
"1654484169"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 04:27:04 GMT
mqdefault.jpg
i.ytimg.com/vi/ZJdsoaQf1FQ/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ZJdsoaQf1FQ/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd0453b786f3ee8476ac1025c2953f1f84febc5b1bda4bde5d2fdc566666437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22517
x-xss-protection
0
server
sffe
etag
"1651376802"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/_Yi_Fk7N2BM/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/_Yi_Fk7N2BM/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c31f29af682800dd8c159f0db36478ce473995dc497a7106b36ca7710a9466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11045
x-xss-protection
0
server
sffe
etag
"1661361400"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/8NQceh21kX8/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/8NQceh21kX8/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca98cd1a2b8404688c8fcaa183bc9fb8b9fac5998bbc079c9290c7d08920291c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17610
x-xss-protection
0
server
sffe
etag
"1659236048"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/3dNsVHBXo9g/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/3dNsVHBXo9g/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4dacd878b6f04fb94140a373a8562f198d487494fcd934c492c915d80c9fa7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14129
x-xss-protection
0
server
sffe
etag
"1658995088"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/wCgXOd9ek20/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/wCgXOd9ek20/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f219a68dbbf6227f9504890bf84cb9c946c2cb98cc65832c1631b4d0ee5fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18349
x-xss-protection
0
server
sffe
etag
"1659100527"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/ShhCxBSpsg0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ShhCxBSpsg0/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af431fdac7e17b18d40668f4473a0deafceb2ca055d1ce4b6cfb7bd27c3e766f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 02:39:30 GMT
x-content-type-options
nosniff
age
1320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11238
x-xss-protection
0
server
sffe
etag
"1657797742"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 04:39:30 GMT
mqdefault.jpg
i.ytimg.com/vi/tM-shuyVlZE/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/tM-shuyVlZE/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7edc7934da135137e1f716512bb6e7515c66361cd9977c09a73b008cb5504bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14909
x-xss-protection
0
server
sffe
etag
"1653909900"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/rbd5uS0dLrI/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/rbd5uS0dLrI/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24addfd82703932b019afcd76b44f4e79fcbb205eef084d1b6cc874e2500ffb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13917
x-xss-protection
0
server
sffe
etag
"1654590279"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/NeLQfCdB-AE/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/NeLQfCdB-AE/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
116c07a1705cc8d954dcb4b5152458110998e47eda91786779cff176db903e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16992
x-xss-protection
0
server
sffe
etag
"1653986075"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/9HAtBsF3beo/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/9HAtBsF3beo/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
339ff65972ed57fa45a8ee9139813cd093aa7b74a09333cab39e52785d5f4445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9618
x-xss-protection
0
server
sffe
etag
"1614238867"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/lXNc7tRWRbQ/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/lXNc7tRWRbQ/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3964ce1a6e4a3cae779cdc0f91325a711409262578642bf15a395f4ea9b63cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12392
x-xss-protection
0
server
sffe
etag
"1654156864"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/791S305DHZY/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/791S305DHZY/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9194de342d00cef84b0e8cba20c025b00fbbda223e86553495fe3bf5f35327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22483
x-xss-protection
0
server
sffe
etag
"1651308180"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/LQMXM29AVWI/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/LQMXM29AVWI/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
937883fec82c9b404e8cba73c97e8c9fb2ca68b0cec1ba929a8a86d70671eb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:41:18 GMT
x-content-type-options
nosniff
age
4812
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16405
x-xss-protection
0
server
sffe
etag
"1651297923"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 03:41:18 GMT
mqdefault.jpg
i.ytimg.com/vi/tpXC_X8Obqo/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/tpXC_X8Obqo/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde31efba070e9540744819c2f9ba567f0145328094318e87469010cac71b5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16886
x-xss-protection
0
server
sffe
etag
"1650739545"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
mqdefault.jpg
i.ytimg.com/vi/YGf4PA9dlCY/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/YGf4PA9dlCY/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: http://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eca761b4c0fab991f24bec04dddf0c250ae63fe7d770dde5981d7d45f13d5c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 03:01:30 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17317
x-xss-protection
0
server
sffe
etag
"1650758524"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 06 Sep 2022 05:01:30 GMT
www-widgetapi.js
www.youtube.com/s/player/c16db54a/www-widgetapi.vflset/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/c16db54a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef9784347baaf9329877b3e77ac494af29d42a9df0944d53cb677bbb2daeb89d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 01:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
5015
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53414
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 18:46:29 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 06 Sep 2023 01:37:55 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| _0x37704f function| _0x5d0a55 function| _0x3d6917 function| _0x5b8e88 function| _0xacdf71 function| _0x1871ef function| _0x3c684b object| el number| volumen string| calidad string| idt function| _0x4e7d1b object| tag object| firstScriptTag function| _0x4528 undefined| intervalo object| youtube function| reverseString function| ro function| _0x354d88 function| inicio_play function| onYouTubePlayerAPIReady object| Player number| err function| onPlayerStateChange function| onPlayerReady function| new_play function| time_set function| ValidURL undefined| timeout function| onPlay function| onPause function| play function| pause function| siguiente function| _0x2a35 string| dom function| _0x798aa1 string| ex function| gd function| autoComplete function| _0x4309f2 function| jsonp_call function| _0x539687 function| _0x10ae71 object| sound function| lazyload function| LazyLoad object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

3 Cookies

Domain/Path Name / Value
metrolagu.click/ Name: X_CACHE_KEY
Value: 9670327a6e681962cee60acc7c6bc70a
.youtube.com/ Name: YSC
Value: 4xHBWXGM1tQ
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: KuFa4as633Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
i.ytimg.com
metrolagu.click
ozy.one
www.youtube.com
151.101.112.193
2606:4700:3035::ac43:bd7c
2606:4700:3035::ac43:d6e3
2606:4700::6811:190e
2a00:1450:4001:809::200e
2a00:1450:4001:809::2016
2a00:1450:4001:813::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200a
03d09c37d8c5796e4ffb14d1c82ecfa44debef133ef3180dc6351edb87daf086
0ec3b088ad25ed9e083f753e7144d160792578b743e4e6407e7f7be4581bf807
116c07a1705cc8d954dcb4b5152458110998e47eda91786779cff176db903e06
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
175c515e3e4cf63e2e2091a67f03299f8e3668cc588a4355272d358e2ff2d948
1eca761b4c0fab991f24bec04dddf0c250ae63fe7d770dde5981d7d45f13d5c4
24addfd82703932b019afcd76b44f4e79fcbb205eef084d1b6cc874e2500ffb0
339ff65972ed57fa45a8ee9139813cd093aa7b74a09333cab39e52785d5f4445
40f219a68dbbf6227f9504890bf84cb9c946c2cb98cc65832c1631b4d0ee5fea
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
5b9194de342d00cef84b0e8cba20c025b00fbbda223e86553495fe3bf5f35327
73c31f29af682800dd8c159f0db36478ce473995dc497a7106b36ca7710a9466
7edc7934da135137e1f716512bb6e7515c66361cd9977c09a73b008cb5504bd6
937883fec82c9b404e8cba73c97e8c9fb2ca68b0cec1ba929a8a86d70671eb8b
a3487729ac64dcb21150ff7e649c9ce9c72b7e4ee8b51cb09d30ff7ebb35350d
a7cf5ecf18e26d77887a57f8d6a76e1bde6ec771bb88192678ac0dadc24fbbf2
af431fdac7e17b18d40668f4473a0deafceb2ca055d1ce4b6cfb7bd27c3e766f
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
b4dacd878b6f04fb94140a373a8562f198d487494fcd934c492c915d80c9fa7d
ba967e544d06616196f49d15433f600b48224f12b4305e87f07138d194b3dc8f
c3964ce1a6e4a3cae779cdc0f91325a711409262578642bf15a395f4ea9b63cd
ca98cd1a2b8404688c8fcaa183bc9fb8b9fac5998bbc079c9290c7d08920291c
cde31efba070e9540744819c2f9ba567f0145328094318e87469010cac71b5cb
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
e2c075b81c59f59ad1e0ebeaa5cc378469e286fb67371b6de206f695ab0e42f3
ef9784347baaf9329877b3e77ac494af29d42a9df0944d53cb677bbb2daeb89d
fb0d3c853b1ace6ba4878f1e6583a6db4f4b2760001381e52aeda1dc18a61fe2
fd4819d885b83f5f411a1ab63e6b85a3ac563796e96b402a6d80fa126ba8811e
ffd0453b786f3ee8476ac1025c2953f1f84febc5b1bda4bde5d2fdc566666437