www.metroflog.co Open in urlscan Pro
199.127.60.238 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.metroflog.co/post/614465
Submission: On December 12 via manual (December 12th 2023, 11:09:22 pm UTC) from VN — Scanned from CH

Summary HTTP 103 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 3 countries across 23 domains to perform 103 HTTP transactions. The main IP is 199.127.60.238, located in Miami, United States and belongs to RELIABLESITE, US. The main domain is www.metroflog.co.
TLS certificate: Issued by R3 on October 24th 2023. Valid for: 3 months.

This is the only time www.metroflog.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	199.127.60.238 199.127.60.238	23470 (RELIABLESITE) (RELIABLESITE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.27.51 18.66.27.51	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
7	162.243.189.2 162.243.189.2	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4aab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::63 2620:1ec:46::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	213.227.153.220 213.227.153.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
4 10	2a02:26f0:e60... 2a02:26f0:e600::170f:b1f8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	185.89.210.180 185.89.210.180	29990 (ASN-APPNEX) (ASN-APPNEX)
1	213.227.153.224 213.227.153.224	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
103	29

17 199.127.60.238 (Miami, United States)

ASN23470 (RELIABLESITE, US)
PTR: lightning.servidoresph.com

www.metroflog.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.27.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-27-51.vie50.r.cloudfront.net

sdk.twilio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.243.189.2 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: nyc3.digitaloceanspaces.com

metroflog.nyc3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4aab (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::63 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:e600::170f:b1f8 (Düsseldorf, Germany) 4 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.224 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	254 KB
17	metroflog.co www.metroflog.co	430 KB
10	bing.com 4 redirects www.bing.com — Cisco Umbrella Rank: 60	26 KB
10	adnxs.com cdn.adnxs.com — Cisco Umbrella Rank: 1605 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6997	59 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	64 KB
7	digitaloceanspaces.com metroflog.nyc3.digitaloceanspaces.com	108 KB
4	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 25865 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 27582	507 B
4	gstatic.com fonts.gstatic.com www.gstatic.com	240 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	193 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	156 KB
2	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 4453	75 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2138	15 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 857	15 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	88 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	147 KB
1	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3815	12 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 17707	184 B
1	waust.at waust.at — Cisco Umbrella Rank: 43427	7 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	1 KB
1	twilio.com sdk.twilio.com — Cisco Umbrella Rank: 57742	629 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
103	23

	Domain	Requested by
17	www.metroflog.co	www.metroflog.co
11	pagead2.googlesyndication.com	www.metroflog.co pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
10	www.bing.com	4 redirects googleads.g.doubleclick.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	ams3-ib.adnxs.com	googleads.g.doubleclick.net cdn.adnxs.com
7	metroflog.nyc3.digitaloceanspaces.com	www.metroflog.co
3	b1t-eudc1.zemanta.com	googleads.g.doubleclick.net widgets.outbrain.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	www.metroflog.co
2	cdn.adnxs.com	googleads.g.doubleclick.net
2	adsdk.microsoft.com	googleads.g.doubleclick.net
2	widgets.outbrain.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.metroflog.co tpc.googlesyndication.com
2	unpkg.com	1 redirects www.metroflog.co
2	connect.facebook.net	www.metroflog.co connect.facebook.net
2	www.googletagmanager.com	www.metroflog.co www.googletagmanager.com
1	b1-eudc1.zemanta.com	googleads.g.doubleclick.net
1	zem.outbrainimg.com	googleads.g.doubleclick.net
1	whos.amung.us	waust.at
1	region1.google-analytics.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	waust.at	www.metroflog.co
1	cdn.jsdelivr.net	www.metroflog.co
1	sdk.twilio.com	www.metroflog.co
1	fonts.googleapis.com	www.metroflog.co
103	28

This site contains links to these domains. Also see Links.

Domain
whos.amung.us
anhletoeic.com

Subject Issuer	Validity	Valid
*.metroflog.co R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sdk.twilio.com Amazon RSA 2048 M02	`2023-05-01` - `2024-05-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.nyc3.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2024-05-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-10-11` - `2024-04-08`	6 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.metroflog.co/post/614465
Frame ID: 1968E346FCE522E563AA136580D78AEB
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 0F604535F539D5F54608059DD73337AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178
Frame ID: 9CA9B35387CF407032CB643E65E65FC0
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
Frame ID: A7AA5079C5DE2F559FEF88A075598AD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182
Frame ID: FB699A1E9D80FA055CEF646A9CDA74DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=280&slotname=6495634864&adk=2438718501&adf=521434847&pi=t.ma~as.6495634864&w=1200&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557345&bpp=1&bdt=764&idt=182&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124%2C327x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=183
Frame ID: 6E01B4331C8BF5D26F9AB145778C74E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&adk=1812271804&adf=3025194257&lmt=1702422557&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557450&bpp=5&bdt=869&idt=79&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124%2C327x250%2C1200x280&nras=1&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=87
Frame ID: B92DE95F3BC2357894425D40CDC1FF38
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: DB237E88A0D225384EE2FC68DF53F910
Requests: 12 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 3483E3DD5E83EFE8319F411BF166C5C2
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC154BACB7ED8DD0D28A63F5B9DC53BB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0DDA07E0D244F52DB8A39A832BB1B00D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

"""Want to improve your English spe..

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

95 %
HTTPS

68 %
IPv6

23
Domains

28
Subdomains

29
IPs

3
Countries

2542 kB
Transfer

6709 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/gizj619deo/
Title: 61

Search URL Search Domain Scan URL

URL: https://anhletoeic.com/tieng-anh-giao-tiep-cho-nguoi-di-lam/
Title: https://anhletoeic.com/tieng-a....nh-giao-tiep-cho-ngu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Request Chain 74

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=12dae442-4c26-494f-a407-bc7b22bf07af&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=78660f27-9040-4d1a-9ed6-75b908080317&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D20a7ffcbaee7458c93994c7181c7ff15%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=4296739380132120448 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=20a7ffcbaee7458c93994c7181c7ff15&SNR=1&GV=2&med=10

Request Chain 79

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4c8d541a-7bb9-49a6-941c-cde1750a9f8d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=35acb2da-7c7e-4791-9a11-0fabccea55c9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D9ff03334618e469ba305d20949665a76%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=6741005559377981243 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ff03334618e469ba305d20949665a76&SNR=1&GV=2&med=10

Request Chain 101

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=12dae442-4c26-494f-a407-bc7b22bf07af&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=78660f27-9040-4d1a-9ed6-75b908080317&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D20a7ffcbaee7458c93994c7181c7ff15%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=tqcecnff&aid=4296739380132120448 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=20a7ffcbaee7458c93994c7181c7ff15&tids=15000&med=10

Request Chain 102

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4c8d541a-7bb9-49a6-941c-cde1750a9f8d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=35acb2da-7c7e-4791-9a11-0fabccea55c9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D9ff03334618e469ba305d20949665a76%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=6741005559377981243 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ff03334618e469ba305d20949665a76&tids=15000&med=10

103 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 614465 Show response
www.metroflog.co/post/ 93 KB
25 KB 2044ms
303ms Document
text/html 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),

Reverse DNS

lightning.servidoresph.com

Software

LiteSpeed / PHP/7.2.34

Resource Hash

a5573107e1872ba2de3e27aff1383633e7be17702134dfae07bd1dc01e5c64e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 24667
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 23:09:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.2.34

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 21:54:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Dec 2023 23:09:16 GMT

GET
H2 200 general-style-plugins.css
www.metroflog.co/themes/wondertag/stylesheet/ 377 KB
49 KB 129ms
125ms Stylesheet
text/css 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/stylesheet/general-style-plugins.css?version=2.3.9
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 286649594aa2977e56c3df4a6b84ba0ded3ef74f8f4ec6739cdc853eb0da632f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 08:24:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 50036
expires: Thu, 11 Jan 2024 23:09:16 GMT

GET
H2 200 twilio-video.min.js Show response
sdk.twilio.com/js/video/releases/2.18.1/ 627 KB
629 KB 126ms
48ms Script
application/javascript 18.66.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.twilio.com/js/video/releases/2.18.1/twilio-video.min.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-27-51.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5aefdd61b6f9d3c22f4f949d878696bffee60cc009f02c0e0e665faad3d51490

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 22:18:39 GMT
x-amz-version-id: NENLBZaCDW4H8qjcqPbMVzpALalrspyP
via: 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
age: 8124638
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 642386
last-modified: Fri, 29 Oct 2021 19:15:09 GMT
server: AmazonS3
etag: "23952b4aa6b5674ba8b83996317b6850"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: btcJ91eUONIVhW_FynbFUkGuLZUJGTMpU9UJhYFH6yF6vY0_CUvAfQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
www.metroflog.co/themes/wondertag/stylesheet/ 369 KB
70 KB 255ms
252ms Stylesheet
text/css 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/stylesheet/style.css?version=2.3.9
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 22de26646ba1f8db6fffcaac956c7ffe2f8c2f81fd2d2fdde2d0fc9ace808c87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Sat, 05 Mar 2022 06:04:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 71133
expires: Thu, 11 Jan 2024 23:09:16 GMT

GET
H2 200 font-awesome.min.css
www.metroflog.co/themes/wondertag/stylesheet/font-awesome-4.7.0/css/ 30 KB
7 KB 380ms
377ms Stylesheet
text/css 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/stylesheet/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 4e3db43e0e3bb334dda61e4f492c3652816bd25f0a7c015e9bab01997b3c3e3f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Tue, 22 Aug 2017 13:18:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 6657
expires: Thu, 11 Jan 2024 23:09:16 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
www.metroflog.co/themes/wondertag/javascript/ 385 KB
107 KB 380ms
377ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/jquery-3.1.1.min.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 0768119997d40c04b6089821d3f39588f7b1bab944317b38f775e03c30424c3b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 08:14:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 109080
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
cdn.jsdelivr.net/npm/jquery-ui-touch-punch@0.2.3/ 1 KB
1 KB 85ms
28ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-ui-touch-punch@0.2.3/jquery.ui.touch-punch.min.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1269856
x-jsd-version: 0.2.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220098-FRA, cache-mxp6934-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"50b-wcNuaSdDYjHrIEdDVrKWZ8TGSKo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfjKp4j9n9xd5HgwbaevpIPJy5m2Ept67oAFst1zJsPctWsIXiRCc8wGqLOhNlX3oUj%2F9VpbKfk8P18F5gvHhbeh%2FbcsdZ1M55aVgiwXIWtwazaoJw4850cI0BGykWGbzY18W9gx6DGu7DcnheU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8349a2530800baed-MXP

GET
H2 200 bootstrap-select.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/ 11 KB
3 KB 58ms
23ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/css/bootstrap-select.min.css

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1271562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1895
last-modified: Mon, 29 Jun 2020 16:55:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5efa1cee-2bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wP2On23UMywg%2BBZhWI575KzWeVJMrZdGty%2FmA31V8Cj%2BfLtL9BVRYpbpJyulYe9WJgYET7K14HAyNpeCTavR%2BJFANF6NSquZgkt5rgyNcvERBrk%2FdYCg3uWiH4hG1ykotJ00e9Ym8qMTdpmuOH06f%2Fl8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8349a252e91e24c4-ZRH
expires: Sun, 01 Dec 2024 23:09:16 GMT

GET
H2 200 bootstrap-select.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/ 52 KB
14 KB 63ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.13.18/js/bootstrap-select.min.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1274388
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13973
last-modified: Mon, 29 Jun 2020 16:55:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5efa1cee-d18c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1yivo9JCW9%2BKwpdkdU694j%2F7vIAgS6dn2SLtN6qfSLKJ6cgvQCVzZbFrHUITCVGIxQFgdrzNnaT1%2Bf2M3Fjp4gn4SlwbYv1WvlWCI1XQtKn1a2Nc%2Fi3H3evFWFt6RiFbOi%2FVGtCUFvj8AEOCtMy8doo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8349a252e92224c4-ZRH
expires: Sun, 01 Dec 2024 23:09:16 GMT

GET
H2 200 plyr.js Show response
www.metroflog.co/themes/wondertag/player/ 106 KB
30 KB 382ms
380ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/player/plyr.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 940fcd0e6f76d0b4a941bdceb34a85cd4840832532fc399d80c7bc3527b636e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Mon, 14 Jun 2021 09:00:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30677
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 wavesurfer.min.js Show response
www.metroflog.co/themes/wondertag/player/ 67 KB
14 KB 384ms
382ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/player/wavesurfer.min.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 4dd7ca26366191c4c87d0da61ec047712e0631ec11e521d7a184a048499d27eb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 08:20:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14652
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 wavesurfer.cursor.min.js Show response
www.metroflog.co/themes/wondertag/player/ 5 KB
2 KB 385ms
383ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/player/wavesurfer.cursor.min.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 920cd13901db3df43b834b71583becded744b238626e6a84715177b2ab6f9f43

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 08:22:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1598
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 html2pdf.bundle.js Show response
cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.2/ 678 KB
140 KB 65ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.2/html2pdf.bundle.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f952b0cbf39a677377554aea51121596bab1de9fff0aadd137b20fbe42bfc54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 436533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 142499
last-modified: Mon, 04 May 2020 16:11:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9d-a9610"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi79jjop7Y1g2Y6DRNASgNnIDU58ARNanNicFIm%2BforrdkKJyvIUa8hp%2FTYKzAqm21dPDybYJ84%2FUF0as6zBzs%2Fd0X1ujjbFuF1DU3MUM5IIDx5WQ7Cqbm4hoA%2BOtyI6lUFWLXr0RDiPwT87ObNcj3rB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8349a252e92024c4-ZRH
expires: Sun, 01 Dec 2024 23:09:16 GMT

GET
H2 200 qrcode.js Show response
www.metroflog.co/themes/wondertag/javascript/ 33 KB
9 KB 385ms
384ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/qrcode.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: c3180e12eb685444ab411102850ff11a8dbf30e573348e0ad8a82cefb49132f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Tue, 12 Oct 2021 11:52:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9417
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
68 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-171486116-1

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15f086987988b9251572fd747d428c3a77a2862db8d5996e69115c9f74c549be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69014
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 85ms
34ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1352
etag: W/"63c04130-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P1Nn1cP4sZn6PSDQaQ5Kp3QoJnfnkVmMJzlABCkFgw0LcKAIvCC0i51kulVdVrZb7xArWtFFwsTOQLQdLJJff1xW1xqyOGA1wE5YANbwv83EN%2B5RX5KkXWxsJYBR4L8GiCgL7E8"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8349a2566e47bae2-MXP
expires: Wed, 13 Dec 2023 22:46:45 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 81ms
25ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef88215fb4967fa2858b743e62165452c73bb9779994aef84737318983b7ab22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.metroflog.co/
Origin: https://www.metroflog.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 23:09:16 GMT
content-md5: FP0QOzFiJRCCxtLML/3K+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: X2aY+WHZe7hpcC3oxtmR8WuhLnZPK8tKgJ1FSuyvhLSN8gG7FL8EIObsY8OWyrKGCDK0TpR37Zmj0KFHb2UYtg==
x-fb-content-md5: b04c05edccfedaf07ef2a4d00da38498
cross-origin-opener-policy: same-origin-allow-popups
etag: "9ddb71b8a2c011d4ea41c6f0a8ea294c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:12:12 GMT

GET
H2 200 socket.io.js Show response
www.metroflog.co/themes/wondertag/javascript/ 67 KB
19 KB 386ms
384ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/socket.io.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: fb7bd3f8e05835e2b81aacb7207cedd7e908f52f46fbae03e72c1908da987b6a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 08:13:12 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19254
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 jquery.adaptive-backgrounds.js Show response
www.metroflog.co/themes/wondertag/javascript/ 4 KB
1 KB 502ms
501ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/jquery.adaptive-backgrounds.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 1b68bc7f2116741a1416a43a9e253d79afbcb25b603ab544c7fdf79c5959b468

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Thu, 11 Jun 2020 10:02:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1450
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2

200

flickity.pkgd.min.js Show response
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

56 KB
15 KB

30ms
29ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1112500
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HGEZPHHZ7M9M6G9PJMAWNM2J-fra
server: cloudflare
etag: W/"e136-ppFLVfsImDkhRKQGmGrAD36fhGA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8349a2532a37babb-MXP

Redirect headers

date: Tue, 12 Dec 2023 23:09:16 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01HHG470RR33J63ZPN9XHZ7CZP-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 470
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /flickity@2.3.0/dist/flickity.pkgd.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8349a252fa20babb-MXP

GET
H2 200 green-audio-player.css
www.metroflog.co/themes/wondertag/javascript/green-audio-player/ 5 KB
1 KB 379ms
378ms Stylesheet
text/css 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/green-audio-player/green-audio-player.css
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 50fa6eada22f53cb20d2461bbd4a4ef64b69f7a0af4d3e1c308183abdd30381f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Fri, 11 Feb 2022 05:12:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 1117
expires: Thu, 11 Jan 2024 23:09:16 GMT

GET
H2 200 green-audio-player.js Show response
www.metroflog.co/themes/wondertag/javascript/green-audio-player/ 27 KB
6 KB 503ms
502ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/green-audio-player/green-audio-player.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: a8809d962a56732e4db4cdea94557fc29c8179b7bed5d5ad70e90bfde650115e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
content-encoding: br
last-modified: Tue, 24 Mar 2020 16:59:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6103
expires: Tue, 19 Dec 2023 23:09:16 GMT

GET
H2 200 logo.png
www.metroflog.co/themes/wondertag/img/ 3 KB
3 KB 378ms
377ms Image
image/png 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metroflog.co/themes/wondertag/img/logo.png
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: fba4f1463a092295138ef8f0f29d1ae963403dd865238e017ea720470d71d1fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
last-modified: Sat, 06 Mar 2021 16:19:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2823
expires: Wed, 11 Dec 2024 23:09:16 GMT

GET
H2 200 icon.png
www.metroflog.co/themes/wondertag/img/ 3 KB
3 KB 378ms
378ms Image
image/png 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metroflog.co/themes/wondertag/img/icon.png
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: fba4f1463a092295138ef8f0f29d1ae963403dd865238e017ea720470d71d1fc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:16 GMT
last-modified: Sat, 06 Mar 2021 16:19:00 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2823
expires: Wed, 11 Dec 2024 23:09:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 164ms
114ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9e5056785e94856ac36442f7203138fd1ffe549c1164ac17e83acc7c08ac460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51598
x-xss-protection: 0
server: cafe
etag: 230665765293342016
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 JtTrHfH72UwB67b3xiyN_27_dde6057109e3b4a40ab8a6d7713e5e62_avatar.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/11/ 3 KB
4 KB 442ms
222ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/11/JtTrHfH72UwB67b3xiyN_27_dde6057109e3b4a40ab8a6d7713e5e62_avatar.png?cache=0

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

4040beaa2f7989282350e39e4b4f3062a9880bc4d20dd7bbf74319f0defeaf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Mon, 27 Nov 2023 04:27:54 GMT
x-amz-request-id: tx000006005ab47a84ac3e7-006578e81d-4eccb13e-nyc3b
etag: "136fd4075cf1ace1087a4ff977aee1a1"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 3545

GET
H2 200 xRYkbAG49QMDwHmqlsID_08_d877dcd9c7b7997f2913bd5acb655e80_image_small.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/ 21 KB
21 KB 440ms
220ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/xRYkbAG49QMDwHmqlsID_08_d877dcd9c7b7997f2913bd5acb655e80_image_small.png

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

e0b58dcabdcbe870c73b0f8aac6c00d0e3c63e06812a839811d27277ba2c8580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 08 Dec 2023 10:33:47 GMT
x-amz-request-id: tx0000049cac88a193de82d-006578e81d-4eccb13e-nyc3b
etag: "9f995d1f886e984b9f45d47bd1fa87ad"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 21111

GET
H2 200 pyLxjjevphJzcph95ERs_08_5f3cf469b01c8c4349a3b54e03a012fc_image_small.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/ 16 KB
16 KB 509ms
324ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/pyLxjjevphJzcph95ERs_08_5f3cf469b01c8c4349a3b54e03a012fc_image_small.png

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

9e9a136ce6e7aef88eb57380102c505ad39ebdb578eaff424e37c96107d3e9f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Fri, 08 Dec 2023 06:12:37 GMT
x-amz-request-id: tx000007fa4825e1445d5fd-006578e81d-4eccb116-nyc3b
etag: "a6f4ae55adbb600dd75a1cc1890e4427"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 16298

GET
H2 200 C4f6lOVrPQqqUx2YYYtT_07_418799580dc1ca77f9c24541850ef420_image_small.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/ 8 KB
8 KB 404ms
221ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/C4f6lOVrPQqqUx2YYYtT_07_418799580dc1ca77f9c24541850ef420_image_small.png

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

8058640a8a727778ce5834785a9f4cdc7599bf11d2846ea28726c14d335dd83d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 07 Dec 2023 12:52:57 GMT
x-amz-request-id: tx00000293a70c352990ef3-006578e81d-4ecd4e8a-nyc3b
etag: "af110681e8552eb682b5e81ea3715acc"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 8270

GET
H2 200 wgBCmnvSJOSRYYivRssQ_07_d20bd04a2c28e89b363d4f669df9c4a5_image_small.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/ 21 KB
21 KB 597ms
414ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/wgBCmnvSJOSRYYivRssQ_07_d20bd04a2c28e89b363d4f669df9c4a5_image_small.png

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

1aee9646496df3de9154c2f3f54326d30d6122914e535ff3284fe5875d650e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 07 Dec 2023 09:39:59 GMT
x-amz-request-id: tx000002aea3e0a4575bc34-006578e81d-4eccb22e-nyc3b
etag: "fee00f941c8d129abf510608d102991e"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 21075

GET
H2 200 X8Lj7QjLWFikrrvo84f3_07_2acbb4eb948d50279d4122469efb473e_image_small.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/ 17 KB
17 KB 510ms
327ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/X8Lj7QjLWFikrrvo84f3_07_2acbb4eb948d50279d4122469efb473e_image_small.png

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

2f0d5fae8e3f1757b2b542803b94b052bb965cc086fa7c493fdea108fbd5e1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Thu, 07 Dec 2023 05:45:47 GMT
x-amz-request-id: tx000007e9bd2c155e5ba8b-006578e81d-4ecce74a-nyc3b
etag: "d85593c86d912ca562afc69d34717b3c"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 17486

GET
H2 200 JLyRZ7HtScEcXuItnlLA_06_5947f5197998dbfdc02b32889eddea3b_image_small.png
metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/ 21 KB
21 KB 491ms
326ms Image
image/png 162.243.189.2
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metroflog.nyc3.digitaloceanspaces.com/upload/photos/2023/12/JLyRZ7HtScEcXuItnlLA_06_5947f5197998dbfdc02b32889eddea3b_image_small.png

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

nyc3.digitaloceanspaces.com

Software

Resource Hash

991c7f9cc3525473bf078d7182797b745775483cee1a5296c6df7e188b1c7117

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Wed, 06 Dec 2023 06:36:14 GMT
x-amz-request-id: tx000009ff5596849aec153-006578e81d-4eccb1a7-nyc3b
etag: "7d7964725b3af6500f4fb22de2f0e8db"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/png
x-rgw-object-type: Normal
cache-control: max-age=3153600
accept-ranges: bytes
content-length: 21826

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 81ms
31ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1966806bb5d5e6a86f4189e2fad00d1123d45852e3c6b51cf0224de3c40a60e5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H3 200 welcome.js Show response
www.metroflog.co/themes/wondertag/javascript/ 516 B
542 B 127ms
125ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/welcome.js
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: f5f49770d9b13beb49ce66866cd25b9fc5a19b3c28297c3785d0e606a84f7fcf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
last-modified: Tue, 18 Aug 2020 04:20:10 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 269
expires: Tue, 19 Dec 2023 23:09:17 GMT

GET
H3 200 script.js Show response
www.metroflog.co/themes/wondertag/javascript/ 358 KB
84 KB 128ms
127ms Script
application/javascript 199.127.60.238
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metroflog.co/themes/wondertag/javascript/script.js?version=2.3.9
Requested by: Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 199.127.60.238 Miami, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS: lightning.servidoresph.com
Software: LiteSpeed /
Resource Hash: 76e59b833365e36aac8c891e1e84d05d78cf8f5219394f52c1f701c70f943819

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/post/614465
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
last-modified: Sat, 05 Mar 2022 06:00:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 86083
expires: Tue, 19 Dec 2023 23:09:17 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=219634fbad0c7da69de8b963f6015644

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

69422ce46387135f72f3759c345a61ee5f87e6f477298f1d4c089cc8f3c30bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.metroflog.co/
Origin: https://www.metroflog.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 23:09:17 GMT
content-md5: Qphzv8FQRC0JDAeLQtEsQQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86866
reporting-endpoints
x-fb-debug: Ypc8hl29VI5WpI1hSV+iGiRDk/yURvbfxUynhNDWiZFGK+52EVW1YKHCHs7W/7i69aP4TR1bNPgxQglx7qCY7A==
x-fb-content-md5: bca0de5b6e64569e9296a4cc95a660c3
cross-origin-opener-policy: same-origin-allow-popups
etag: "12f6af8147bb9749db79e1b418683242"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 21:20:16 GMT

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 75ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metroflog.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 106272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metroflog.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 51308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 89ms
43ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metroflog.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 14:13:32 GMT
x-content-type-options: nosniff
age: 464145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 14:13:32 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 504 KB
202 KB 72ms
23ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a25a841bdb9b41efdbba9815fd37be806319572f41bf88b4b41384c8444456c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Origin: https://www.metroflog.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206656
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:16:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
79 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BRPQG63SEQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-171486116-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

416034dfc369c194a41e4dfc5ce8d828fc434440b76639ede247c961004eda76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-171486116-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 21:22:25 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6412
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 12 Dec 2023 23:22:25 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ 399 KB
135 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57141aafa799e33e3298927a29eb8de0d6af97789a54087bbbaa69148a0dcf71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137940
x-xss-protection: 0
server: cafe
etag: 14242837008581178421
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 0F60 9 KB
4 KB 70ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 33579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Tue, 26 Dec 2023 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 96ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BRPQG63SEQ&gtm=45je3bt0v9118794543&_p=1702422557126&gcd=11l1l1l1l1&dma=0&cid=1468436066.1702422557&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1702422557&sct=1&seg=0&dl=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&dt=%22%22%22Want%20to%20improve%20your%20English%20spe..&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BRPQG63SEQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metroflog.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 28ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1853812928&t=pageview&_s=1&dl=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ul=en-us&de=UTF-8&dt=%22%22%22Want%20to%20improve%20your%20English%20spe..&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=7556975&gjid=339343092&cid=1468436066.1702422557&tid=UA-171486116-1&_gid=1403711203.1702422557&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1319857397

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metroflog.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metroflog.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
184 B 191ms
143ms Script
text/javascript 2606:4700:10::6816:4aab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=gizj619deo&t=%22%22%22Want%20to%20improve%20your%20English%20spe..&c=d&x=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&y=&a=0&v=27&r=407
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a59ad235d9f2b03c08aad888ded2f9bfd816132c596c6d3743d07b40d045191b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8349a2586f89ba9d-MXP
content-type: text/javascript;charset=UTF-8

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CA9 46 KB
18 KB 330ms
330ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de75657576fd0b6e47dfd2755cc5571e0f95bff4407e59ed470608222978cadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18181
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 23:09:17 GMT
expires: Tue, 12 Dec 2023 23:09:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7AA 56 KB
19 KB 250ms
250ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a1c81a31807d8061e05be2d20b4f18fa6ca2cde2160309cb2ffaf6ec621e681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19014
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 23:09:17 GMT
expires: Tue, 12 Dec 2023 23:09:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FB69 49 KB
17 KB 228ms
228ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07027d6ee63778f45318a30f3cb591aa7521051c9ca5f714579d9835adc67296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17150
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 23:09:17 GMT
expires: Tue, 12 Dec 2023 23:09:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E01 720 B
579 B 224ms
223ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=280&slotname=6495634864&adk=2438718501&adf=521434847&pi=t.ma~as.6495634864&w=1200&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557345&bpp=1&bdt=764&idt=182&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124%2C327x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=1124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=183

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a2adc2503ad54f82eb44d4ee78def01cea1bdc23268ac1d34a844318696b8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 23:09:17 GMT
expires: Tue, 12 Dec 2023 23:09:17 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B92D 14 KB
5 KB 532ms
531ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&adk=1812271804&adf=3025194257&lmt=1702422557&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557450&bpp=5&bdt=869&idt=79&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124%2C327x250%2C1200x280&nras=1&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=87

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cb422bd49ef4e1a0e265785dcfaa8a6736e718489182996d52f9d546e818306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5131
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 23:09:18 GMT
expires: Tue, 12 Dec 2023 23:09:18 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=tag_sidebar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=tag_sidebar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.metroflog.co
URL: https://www.metroflog.co/post/614465

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame DB23 52 KB
13 KB 88ms
37ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9518e793c62b4b879f4395262afb1e8353d7806e3f68fe1db3cca31867aba09c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: gzip
content-length: 13453
last-modified: Mon, 11 Dec 2023 10:28:04 GMT
server: AkamaiNetStorage
etag: "4a510b2a4057ca87fb386714fd1e508d:1702299747.424567"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Wed, 13 Dec 2023 03:09:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DB23 3 KB
1 KB 76ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DB23 20 KB
9 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB23 203 KB
65 KB 118ms
68ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 3483 94 KB
38 KB 190ms
23ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
last-modified: Tue, 12 Dec 2023 23:02:54 GMT
vary: Accept-Encoding
x-azure-ref: 20231212T230917Z-48msanwnfp4y3e83phkexydvrw00000001cg00000000hf97
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2d60482-b01e-0058-174f-2d519c000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 3483 80 KB
27 KB 106ms
27ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 23:09:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Wed, 11 Dec 2024 23:09:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3483 3 KB
1 KB 65ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3483 20 KB
8 KB 61ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3483 203 KB
64 KB 149ms
111ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 9CA9 94 KB
38 KB 144ms
23ms Script
application/javascript 2620:1ec:46::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: br
last-modified: Tue, 12 Dec 2023 23:02:54 GMT
vary: Accept-Encoding
x-azure-ref: 20231212T230917Z-48msanwnfp4y3e83phkexydvrw00000001cg00000000hf96
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2d60482-b01e-0058-174f-2d519c000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 9CA9 80 KB
27 KB 92ms
28ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 23:09:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Wed, 11 Dec 2024 23:09:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9CA9 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9CA9 20 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CA9 203 KB
64 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:09:17 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame DB23 990 B
1 KB 21ms
21ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 23:09:17 GMT
date: Tue, 12 Dec 2023 23:09:17 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/FNDNU347V4UDWCMSRTPKTZQU524UYQEHPDSYTBJWI32KF2GAR2WC4D2HCQFMMTR3W6XDER27U636ISKN4AUAGVOQVIKNRXLIRL2M3EIT2ZBW4L7MU2P6VLNWB2CLEOKLH36TSNG5ZHGIOBAIX56NNXVTSZ6HOV... Frame DB23 26 B
151 B 106ms
29ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/FNDNU347V4UDWCMSRTPKTZQU524UYQEHPDSYTBJWI32KF2GAR2WC4D2HCQFMMTR3W6XDER27U636ISKN4AUAGVOQVIKNRXLIRL2M3EIT2ZBW4L7MU2P6VLNWB2CLEOKLH36TSNG5ZHGIOBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3GWAPNC5OZT6YE7XH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 23:09:17 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 0aee8a2ffe083c2e2cd0b56c86bc6928c4.png
zem.outbrainimg.com/p/srv/sha/77/c7/72/ Frame DB23 12 KB
12 KB 126ms
43ms Image
image/jpeg 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/77/c7/72/0aee8a2ffe083c2e2cd0b56c86bc6928c4.png?fit=crop&crop=faces&w=298&h=138&fm=jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

8359690475ef017d0c141a876c4e2ee48b7802205424f3f0766831edb0e7649c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1407958
x-cache: MISS, MISS, HIT
x-imgix-id: 7177b39505c78424148124def7bf4a521bbf9d69
cross-origin-resource-policy: cross-origin
content-length: 12375
x-served-by: cache-sjc10027-SJC, cache-fra-eddf8230067-FRA, cache-fra-eddf8230067-FRA
x-imgix-render-farm: 01.140328
last-modified: Sun, 26 Nov 2023 16:03:19 GMT
server: imgix
x-timer: S1702422558.005402,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1028

GET
DATA 200
OK truncated
/ Frame DB23 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03d7e4f5c8675c3d1136dccb316350f2409d5e79826b79b74fef108644febb9e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

c.gif
www.bing.com/aes/ Frame 9CA9
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=12dae442-4c26-494f-a407-bc7b22bf07af&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=78660f27-9040-4d1a...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=20a7ffcbaee7458c93994c7181c7ff15&SNR=1&GV=2&med=10

0
546 B

65ms
65ms

Image
text/plain

2a02:26f0:e600::170f:b1f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=20a7ffcbaee7458c93994c7181c7ff15&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178
Protocol: H2
Server: 2a02:26f0:e600::170f:b1f8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8CE6AE8FC2A34D1EB9DA1880A0A2D1C8 Ref B: FRA31EDGE0816 Ref C: 2023-12-12T23:09:18Z
x-cdn-traceid: 0.f4b10f17.1702422558.c186807
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Dec 2023 23:09:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 85677453BB144E0D9E039279B8D6D789 Ref B: FRA31EDGE0712 Ref C: 2023-12-12T23:09:18Z
x-cdn-traceid: 0.f4b10f17.1702422558.c1867cd
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=20a7ffcbaee7458c93994c7181c7ff15&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 9CA9 12 KB
13 KB 167ms
101ms Image
image/jpeg 2a02:26f0:e600::170f:b1f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8177652458812_197WZERPAZS3WXYNVJ&pid=21.2&c=3&w=320&h=166&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e600::170f:b1f8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ef7447a499d6f23dd8a9166cf5ac7c857b9719b8a6625be498cae852de34395e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:18 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.f4b10f17.1702422558.c1867cb
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 12414
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 9CA9 0
532 B 111ms
38ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QL3A-j3AQAAAwDWAAUBCJ3Q46sGEICP1Om3tsXQOxgAKjYJoPdtTXtNwz8RIdHn0PTQwj8ZAAAAYGZm8j8hIQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG8KqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vd3d3Lm1ldHJvZmxvZy5jby9wb3N0LzYxNDQ2NYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoBzFiIBQGYBQCgBZ_QpNz6qtHaacAFAMkFAAUBFPA_0gUJCQULeAAAANgFAeAFAfAF9jX6BQQIABAAkAYAmAYAuAYAwQYBIDQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAeQ9AXSBw0VZAEmCNoHBgFepBgA4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=aefc1b3808712f2937e4523333c930a8e0f792ad&bdref=https%3A%2F%2Fwww.metroflog.co%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.metroflog.co%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4409505594389867%26output%3Dhtml%26h%3D250%26slotname%3D6495634864%26adk%3D2413771843%26adf%3D3235933448%26pi%3Dt.ma~as.6495634864%26w%3D320%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702422557%26rafmt%3D1%26format%3D320x250%26url%3Dhttps%253A%252F%252Fwww.metroflog.co%252Fpost%252F614465%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702422557339%26bpp%3D3%26bdt%3D758%26idt%3D170%26shv%3Dr20231207%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D8457648957908%26frm%3D20%26pv%3D2%26ga_vid%3D1468436066.1702422557%26ga_sid%3D1702422558%26ga_hid%3D1853812928%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D15%26ady%3D433%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31080064%252C95320884%26oid%3D2%26pvsid%3D1549026445227098%26tmod%3D622381562%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CfeE%257C%26abl%3DCF%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D178&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
an-x-request-uuid: 3ca27eba-7ad1-4ff8-95e4-17a19a8e932c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB23 0
23 B 65ms
65ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7RHEHeh4Zf2kIcymx_AP846giA3XrJyCbsrq_Lz9EMCNtwEQASAAYPWFgID8A4IBF2NhLXB1Yi00NDA5NTA1NTk0Mzg5ODY3yAEJqAMByAMCqgT4AU_Qs4L10WZFjBPMIyK1YuYI0nUf57Dqwlq_jHPYcON3AkNBO87bpDQYKqb3eVz_aLEyLamWQaO3-Kq7UdaJhJ5d2XKV5CNim_rzhDH67YwUm2r4DX9x0d7HFakaR91xUh9BqK8dywinNQ1PIzu7N1HeVQh7Pk1RpT5DDb1tmU-N5Ik0meeZTxvK1GT9O0cEfnuggh0Cug954ubG_Q2K86dqsf2LDSRXD2tYjL6MqojterrCZMMmLCyJtTKCo7zuf86tkU5aH_E47p3kCD0BUtf9-jaG6Jczv5iLEBLAfYEt5X8lKN9GSy1NdSIdhtz3gyt3MFfPhByBgAb6hfnvkKbCuuIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WJqOs56Ci4MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MDk1MDU1OTQzODk4NjcYAA&sigh=rnf34wNL66U&uach_m=%5BUACH%5D&cid=CAQSTgDICaaN2-v6Qk0Dr5QZy62QjO9c_3ECAVjnZ4Mmf3GKd26TXjV93QX7r3kn9Qq96HO4eKfHOYQWRib7QviOvrx2lEJnOGyC9Cd4b0P2_xgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 23:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 23:09:18 GMT

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/798cbe8f-9943-11ee-93e3-b196bda599cd/ZXjoHQAIUn0IEdNMAAgHcxWIuHAczwA39XlJEw/IEWQQ7OBTN5QVUHKT5QIM2CKZNUXJSFQSS6RKVX2X72YIB5JJTK25CCJM3BWAPG36D2DADH... Frame DB23 0
99 B 96ms
32ms Image
text/plain 213.227.153.224
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/798cbe8f-9943-11ee-93e3-b196bda599cd/ZXjoHQAIUn0IEdNMAAgHcxWIuHAczwA39XlJEw/IEWQQ7OBTN5QVUHKT5QIM2CKZNUXJSFQSS6RKVX2X72YIB5JJTK25CCJM3BWAPG36D2DADHBPG3YSAPEUNJ2RWFMOHIPFAGFYSRXIGGEUW2FYBDVY6INB752WRNLUU2W24IMXMFKE2F6EMQTWF5NQFZOEQIPWGDSCXCIHSZ4KUWXQN4E6W4IGLG5BKDMSWKZXIRXKYTDR3DCCV7E7ZO2UU5WKRHTTVZRSQDJIG4LQZQV3JHBXEZXTCLQVQ7423G4LACDEF5T5JERK4COAMC6MW246FSLNVQFYYCPRIJT232GSX5RDNWUVRQG44KSDN2V66A7XAVJGNAZHXQ4UWECBYIZRAO7AGL6KUJ5HLLSUFA4I3W2D4BVU4JJ2EGBKE56KCJ5YDBAOZIPLXL6MAL3UHTLM642RT4M2WFJ7S7GVMOFO7WRPPRKWTOBBLPECXKHWUF4TJMU52Q35MTH6DNPG2K3Y7235VGHHRPEMP25WGE4PL3GMNNMPCNCWOENEWNFIPVAZSZHV3MAI/?amtw=&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=255705853&adf=223930974&pi=t.ma~as.6495634864&w=327&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=327x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557344&bpp=1&bdt=763&idt=180&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250%2C920x124&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeoE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=182
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.224 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 12 Dec 2023 23:09:18 GMT
Content-Length: 0

GET
H2

200

c.gif
www.bing.com/aes/ Frame 3483
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4c8d541a-7bb9-49a6-941c-cde1750a9f8d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=35acb2da-7c7e-4791...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ff03334618e469ba305d20949665a76&SNR=1&GV=2&med=10

0
545 B

67ms
66ms

Image
text/plain

2a02:26f0:e600::170f:b1f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ff03334618e469ba305d20949665a76&SNR=1&GV=2&med=10
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
Protocol: H2
Server: 2a02:26f0:e600::170f:b1f8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FD7FC2B8ABDA4BD08884320EEBA2138B Ref B: FRA31EDGE0620 Ref C: 2023-12-12T23:09:18Z
x-cdn-traceid: 0.f4b10f17.1702422558.c186809
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Dec 2023 23:09:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07F632302FD24E7C9F3DD574690CA73D Ref B: FRA31EDGE0119 Ref C: 2023-12-12T23:09:18Z
x-cdn-traceid: 0.f4b10f17.1702422558.c1867ce
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=9ff03334618e469ba305d20949665a76&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame 3483 10 KB
10 KB 90ms
37ms Image
image/jpeg 2a02:26f0:e600::170f:b1f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.8177806966836_17TGZMZH37CMHEAG3H&pid=21.2&c=17&roil=0&roit=0.1001&roir=1&roib=0.9007&w=200&h=105&qlt=90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:e600::170f:b1f8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9a8ddf605e5d40f34a0f862222f62de1473b77182ff87aa39cb79d2a211ca85b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:18 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.f4b10f17.1702422558.c1867cc
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 10093
alt-svc: h3=":443"; ma=93600

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 3483 0
534 B 90ms
29ms Script
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QL4A-j4AQAAAwDWAAUBCJ3Q46sGELveoZ30mrfGXRgAKjYJAVWgi6rVtT8RwrSpfc5ItT8ZAAAAYGZm8j8hwg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR43vMFgAEBigEDVVNEkgUG8KqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vd3d3Lm1ldHJvZmxvZy5jby9wb3N0LzYxNDQ2NYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLoBzFiIBQGYBQCgBfyQ4LGs5qD6Y8AFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF9bUG-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH3vMF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8Ae_gw2KCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=e32c386253be2b72b5933184fd2493eca0386863&bdref=https%3A%2F%2Fwww.metroflog.co%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.metroflog.co%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4409505594389867%26output%3Dhtml%26h%3D124%26slotname%3D8179789107%26adk%3D3026302014%26adf%3D2418721593%26pi%3Dt.ma~as.8179789107%26w%3D920%26lmt%3D1702422557%26rafmt%3D12%26format%3D920x124%26url%3Dhttps%253A%252F%252Fwww.metroflog.co%252Fpost%252F614465%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702422557342%26bpp%3D1%26bdt%3D761%26idt%3D177%26shv%3Dr20231207%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D320x250%26correlator%3D8457648957908%26frm%3D20%26pv%3D1%26ga_vid%3D1468436066.1702422557%26ga_sid%3D1702422558%26ga_hid%3D1853812928%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D515%26ady%3D0%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31080064%252C95320884%26oid%3D2%26pvsid%3D1549026445227098%26tmod%3D622381562%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D256%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D179,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4409505594389867%26output%3Dhtml%26h%3D124%26slotname%3D8179789107%26adk%3D3026302014%26adf%3D2418721593%26pi%3Dt.ma~as.8179789107%26w%3D920%26lmt%3D1702422557%26rafmt%3D12%26format%3D920x124%26url%3Dhttps%253A%252F%252Fwww.metroflog.co%252Fpost%252F614465%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1702422557342%26bpp%3D1%26bdt%3D761%26idt%3D177%26shv%3Dr20231207%26mjsv%3Dm202312060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D320x250%26correlator%3D8457648957908%26frm%3D20%26pv%3D1%26ga_vid%3D1468436066.1702422557%26ga_sid%3D1702422558%26ga_hid%3D1853812928%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D515%26ady%3D0%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31080064%252C95320884%26oid%3D2%26pvsid%3D1549026445227098%26tmod%3D622381562%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D256%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D179&

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
an-x-request-uuid: 6f46fca1-4778-4178-b454-34c9285ffa5d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3483 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2805738c88d06ac3b37e0d46286b76256cf3b2366528194fd99eca56b58f250

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 3483 0
556 B 34ms
33ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QKVB-iVAwAAAwDWAAUBCJ3Q46sGELveoZ30mrfGXRgAKjYJAVWgi6rVtT8RwrSpfc5ItT8ZAAAAYGZm8j8hwg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR43vMFgAEBigEDVVNEkgUG9KwCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vd3d3Lm1ldHJvZmxvZy5jby9wb3N0LzYxNDQ2NYADAIgDAZADAJgDCaADAaoDmgMKsAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zNWFjYjJkYS03YzdlLTQ3OTEtOWExMS0wZmFiY2NlYTU1YzkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTM1YWNiMmRhLTdjN2UtNDc5MS05YTExLTBmYWJjY2VhNTVjOSZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjc0MTAwNTU1OTM3Nzk4MTI0MyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemt3TWpjMk1EUTJNREF4T1Rjak1qTXpNRGd5TnpJeE1qTXlOVGsyTlE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX8kOCxrOag-mPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1tQb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAE-eAAQABgA4AYB8gYCCACABwGIBwCgBwHIB97zBdIHDQkFIwAACSYI2gcGCbqo4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=9d9b54ee65691510320d255377b9a915c8233be3&type=nv&nvt=5&jm=1003&px=96&py=0&bw=182&bh=90&sid=4496275971657558764&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=920&ph=124&ww=920&wh=124&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
an-x-request-uuid: de80da39-666f-4948-84ea-b595c06fc037
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3483 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaVhaHeh4ZYjTIaDlx_APrNCwCNLg1-Buj6S2k5MKwI23ARABIABg9YWAgPwDggEXY2EtcHViLTQ0MDk1MDU1OTQzODk4NjfIAQmoAwHIAwKqBPgBT9Al-gcuMLcjkL00hxUrzPxCKoruNhnms7vCgvgaxaipFy1_f_XnUfsKmj_9vZkX7DsqEdxmeejcfMkh7tShavxsdbItUZpBR1stMAnPtzrNUK3AEknCGdrpzYKKNWZoRrZCh3C8035oz0nqTPn8ph1JfkLHmnmX_oc_XB-mh0ZvtbJ86lLPwnauOQo4xW_oqOzliSjCnr-5tDczLf_jVAzXXN61chgJGHdDk0jPqBV7UWKWg9CzGaaaCtPXXDjxN8Bn1R4LFAhef50XtW9jllqprmnBQZXfE_zKovZuAaGd5FCufs65jx4bsdS8hiBDt5lCzvfTtrqABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2KqznoKLgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDQwOTUwNTU5NDM4OTg2NxgA&sigh=2x7E6ACm40s&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNIycuDxMFzFie3CIbUnMPHV_9B9ix_BeRZekZf5XkXJYj9olsQp7uGyLHO480Qs4VKC_1VCch6Z9_xZZH18Mnq27ZAC1Y1mjhHBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=124&slotname=8179789107&adk=3026302014&adf=2418721593&pi=t.ma~as.8179789107&w=920&lmt=1702422557&rafmt=12&format=920x124&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557342&bpp=1&bdt=761&idt=177&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&correlator=8457648957908&frm=20&pv=1&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=515&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 23:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 3483 0
532 B 29ms
29ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QKVB-iVAwAAAwDWAAUBCJ3Q46sGELveoZ30mrfGXRgAKjYJAVWgi6rVtT8RwrSpfc5ItT8ZAAAAYGZm8j8hwg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR43vMFgAEBigEDVVNEkgUG9KwCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vd3d3Lm1ldHJvZmxvZy5jby9wb3N0LzYxNDQ2NYADAIgDAZADAJgDCaADAaoDmgMKsAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zNWFjYjJkYS03YzdlLTQ3OTEtOWExMS0wZmFiY2NlYTU1YzkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTM1YWNiMmRhLTdjN2UtNDc5MS05YTExLTBmYWJjY2VhNTVjOSZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjc0MTAwNTU1OTM3Nzk4MTI0MyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemt3TWpjMk1EUTJNREF4T1Rjak1qTXpNRGd5TnpJeE1qTXlOVGsyTlE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX8kOCxrOag-mPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1tQb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAE-eAAQABgA4AYB8gYCCACABwGIBwCgBwHIB97zBdIHDQkFIwAACSYI2gcGCbqo4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=9d9b54ee65691510320d255377b9a915c8233be3&pp=ZXjoHQAIaYgIEfKgAAwoLEqCpFaO66bUfy2Pqw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmkIeHeh4ZYjTIaDlx_APrNCwCNLg1-Buj6S2k5MKwI23ARABIABg9YWAgPwDggEXY2EtcHViLTQ0MDk1MDU1OTQzODk4NjfIAQmoAwHIAwKqBPsBT9Al-gcuMLcjkL00hxUrzPxCKoruNhnms7vCgvgaxaipFy1_f_XnUfsKmj_9vZkX7DsqEdxmeejcfMkh7tShavxsdbItUZpBR1stMAnPtzrNUK3AEknCGdrpzYKKNWZoRrZCh3C8035oz0nqTPn8ph1JfkLHmnmX_oc_XB-mh0ZvtbJ86lLPwnauOQo4xW_oqOzliSjCnr-5tDczLf_jVAzXXN61chgJGHdDk0jPqBV7UWKWg9CzGaaaCtPXXDjxN8Bn1R4LFAhef50XtW9jllqp7Gvg01d76ZFeWILbn_gZUlSNdEqwoQbCE1LlApzDnbVaDnYx2y7v9-iABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY2KqznoKLgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1y6_kWxWzdCubwbbUgiwxcAD_HlQ%26client%3Dca-pub-4409505594389867%26adurl%3D&cbvp=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
an-x-request-uuid: 07d43e30-5b21-451f-a2b8-46b5438a2679
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9CA9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6b773a86da5677a464c063e29d0faa6b3174864718b07fdb412b1fd9df693f9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 9CA9 0
556 B 29ms
29ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QKWB-iWAwAAAwDWAAUBCJ3Q46sGEICP1Om3tsXQOxgAKjYJoPdtTXtNwz8RIdHn0PTQwj8ZAAAAYGZm8j8hIQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG9KwCmAHAAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiRodHRwczovL3d3dy5tZXRyb2Zsb2cuY28vcG9zdC82MTQ0NjWAAwCIAwGQAwCYAwmgAwGqA5sDCrECaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Nzg2NjBmMjctOTA0MC00ZDFhLTllZDYtNzViOTA4MDgwMzE3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ODY2MGYyNy05MDQwLTRkMWEtOWVkNi03NWI5MDgwODAzMTcmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9dHFjZWNuZmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0Mjk2NzM5MzgwMTMyMTIwNDQ4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTROell3TWpNM01EWXlOREFqTWpNek5EWTNOVFV3TWpZMk5qVXdOUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZ_QpNz6qtHaacAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY1-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAk-dBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkPQF0gcNCQkkAAAFJgzaBwYIBQmo4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=a492e05e747e022df364d40b3d4f755f42b1990b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=320&bh=162&sid=4496275971657558764&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=320&ph=322&ww=320&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
an-x-request-uuid: 13781823-026f-4a72-9a1f-e087d9674b8d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9CA9 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8LAgHeh4ZZ30ILa8x_AP8r2EcNLg1-Buj6S2k5MKwI23ARABIABg9YWAgPwDggEXY2EtcHViLTQ0MDk1MDU1OTQzODk4NjfIAQmoAwHIAwKqBPkBT9DZZppX9LI-vw_fGJVGvyCSSkQygy-F05d_s0fiNlFfPvKbgEkjQcYhm_GpvLFUmihAdmFGRXxjikX8XXNwVvAD8nyOQV_nxA2EYPIPMBX_S-m2qOkJ9w4-5XTG4tqyQ_krAS6StW7tn02DGLrX-ypjHKHq7iMi1Vpf2Ae6EsuXjk93cdEgrXbHspwj3_IMIZgtpqXbx5Ig_tlHaimyICQK-NpQlgNcWiMy2YYE6H67lW1YAshCD-mAVex0lz_BBMHly9YLdnBW9bTO-Jyj6tYvm6LE_NX9Z9rCrn1Gv9OtxLOcnUoL2wuQ1LJS1GuhjmyCSWlHjXo2gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKrYsp6Ci4MDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ0MDk1MDU1OTQzODk4NjcYAA&sigh=ZINDnP679DU&uach_m=%5BUACH%5D&cid=CAQSTgDICaaN2ZA3t_fG86vs9pheMoYcb5VfcU0hIM7OUh_JTArSee_Na3uqUP_jqXDX7y6c7BGdqlw2vaN1jo4EULQLcrswu9XbS8UdPjutdBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 23:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 it
ams3-ib.adnxs.com/ Frame 9CA9 0
532 B 36ms
35ms Image
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QKWB-iWAwAAAwDWAAUBCJ3Q46sGEICP1Om3tsXQOxgAKjYJoPdtTXtNwz8RIdHn0PTQwj8ZAAAAYGZm8j8hIQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG9KwCmAHAAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiRodHRwczovL3d3dy5tZXRyb2Zsb2cuY28vcG9zdC82MTQ0NjWAAwCIAwGQAwCYAwmgAwGqA5sDCrECaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Nzg2NjBmMjctOTA0MC00ZDFhLTllZDYtNzViOTA4MDgwMzE3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ODY2MGYyNy05MDQwLTRkMWEtOWVkNi03NWI5MDgwODAzMTcmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9dHFjZWNuZmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0Mjk2NzM5MzgwMTMyMTIwNDQ4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTROell3TWpNM01EWXlOREFqTWpNek5EWTNOVFV3TWpZMk5qVXdOUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZ_QpNz6qtHaacAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY1-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAk-dBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkPQF0gcNCQkkAAAFJgzaBwYIBQmo4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=a492e05e747e022df364d40b3d4f755f42b1990b&pp=ZXjoHQAIOh0IEd42AAEe8hEkZxkEKoOTJ03xOg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC01Q4Heh4ZZ30ILa8x_AP8r2EcNLg1-Buj6S2k5MKwI23ARABIABg9YWAgPwDggEXY2EtcHViLTQ0MDk1MDU1OTQzODk4NjfIAQmoAwHIAwKqBPwBT9DZZppX9LI-vw_fGJVGvyCSSkQygy-F05d_s0fiNlFfPvKbgEkjQcYhm_GpvLFUmihAdmFGRXxjikX8XXNwVvAD8nyOQV_nxA2EYPIPMBX_S-m2qOkJ9w4-5XTG4tqyQ_krAS6StW7tn02DGLrX-ypjHKHq7iMi1Vpf2Ae6EsuXjk93cdEgrXbHspwj3_IMIZgtpqXbx5Ig_tlHaimyICQK-NpQlgNcWiMy2YYE6H67lW1YAshCD-mAVex0lz_BBMHly9YLdnBW9bTO-Jyj6tYvm-DG3Uc_wyCvOocyCk30QAWYvkCP0iWIDRDUje8dDkauUanGbxeii3XKgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WKrYsp6Ci4MD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0P5Q1zNIny9HC2wEhb9d5Xq0Tg7Q%26client%3Dca-pub-4409505594389867%26adurl%3D&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4409505594389867&output=html&h=250&slotname=6495634864&adk=2413771843&adf=3235933448&pi=t.ma~as.6495634864&w=320&fwrn=4&fwrnh=100&lmt=1702422557&rafmt=1&format=320x250&url=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702422557339&bpp=3&bdt=758&idt=170&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=8457648957908&frm=20&pv=2&ga_vid=1468436066.1702422557&ga_sid=1702422558&ga_hid=1853812928&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=15&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080064%2C95320884&oid=2&pvsid=1549026445227098&tmod=622381562&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=178

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:18 GMT
an-x-request-uuid: 3f8cc6f4-4e7c-4480-b139-00728d828efd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 115ms
70ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99cccda16c4c7216db016e9d61676c492598067dd76634af0e263e78b99fffb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12178
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_fy2021.js?bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 23:09:18 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC15 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 11369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 19:59:49 GMT
expires: Wed, 11 Dec 2024 19:59:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0DDA 829 B
946 B 31ms
31ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b45fee561e819987ad6498faf1e912d52cd86360c005a8ad1aaa5e61b5c91965

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VUbNoOkiKE0PyiUO-kFYXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.metroflog.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VUbNoOkiKE0PyiUO-kFYXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 23:09:18 GMT
expires: Tue, 12 Dec 2023 23:09:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EC15 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:27:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 14:27:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0DDA 0
0 55ms
55ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1549026445227098&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC15 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2sYB0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:09:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/FNDNU347V4UDWCMSRTPKTZQU524UYQEHPDSYTBJWI32KF2GAR2WC4D2HCQFMMTR3W6XDER27U636ISKN4AUAGVOQVIKNRXLIRL2M3EIT2ZBW4L7MU2P6VLNWB2CLEOKLH36TSNG5ZHGIOBAIX56NNXVTSZ6HOVWAHYFI... Frame DB23 26 B
257 B 29ms
29ms Fetch
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/FNDNU347V4UDWCMSRTPKTZQU524UYQEHPDSYTBJWI32KF2GAR2WC4D2HCQFMMTR3W6XDER27U636ISKN4AUAGVOQVIKNRXLIRL2M3EIT2ZBW4L7MU2P6VLNWB2CLEOKLH36TSNG5ZHGIOBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3GWAPNC5OZT6YE7XH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 12 Dec 2023 23:09:18 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/FNDNU347V4UDWCMSRTPKTZQU524UYQEHPDSYTBJWI32KF2GAR2WC4D2HCQFMMTR3W6XDER27U636ISKN4AUAGVOQVIKNRXLIRL2M3EIT2ZBW4L7MU2P6VLNWB2CLEOKLH36TSNG5ZHGIOBAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 89ms
29ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/FNDNU347V4UDWCMSRTPKTZQU524UYQEHPDSYTBJWI32KF2GAR2WC4D2HCQFMMTR3W6XDER27U636ISKN4AUAGVOQVIKNRXLIRL2M3EIT2ZBW4L7MU2P6VLNWB2CLEOKLH36TSNG5ZHGIOBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5A4QAUSIREDQK2JFUYTQM4Y6KNZRI4GT36LLHSIK5G5U4SQYE4JS6BNMW3XR5OGVWPPW47CYIYJPXWNE52KR6WTMP3GWAPNC5OZT6YE7XH3F5HD2EF2JB5ISYBNG5BCB6SJBGEBP6MWNVT37UGAOC6QO6JTQ/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Tue, 12 Dec 2023 23:09:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1549026445227098&bg=!ERKlEl3NAAY3kmNgF5I7ADQBe5WfOATHw5Ena7YOhJZYeCISdSjaPXCZRfhbXQmRNr-2_s1ykBVufY1NrlmRXady17rUAgAAAC9SAAAAAmgBBwoATXlfzcQ9h9AGE5oA2IdF9S_X2U-KQh74RFEJFlU8sqDXukiWa4Prhv1x1dxVtNLbwje3fXePtnv3YQfkQA5akcBCLlE0MZxxROY-F_NVmQK0uS9BKI4lPfH5V3-cA31t_B-FITw8_X_aifFyKVhm4Fx0e-mqVdtzWvHpapP2tHmtxq9xE_NNBySuK-uMblWomJeCKsT1dfuRSWEABQx_Lg4MlBN5vtsYuYyL5Avp5E8sLbjtDMbnUUvr5Ir2eA9HzVvSZbQK0rGoaQGmbyxeTSpVOsxVi_QsHyW7mCAUt9UnF-Vw-R7ruqAAnQQIRZ5Db_wMoXwG35dohTB9rzlIedFoKS8gnCGbY8y5ePBDhCyzAcxonLlDnvHgCuPVFmq_cKOSRZzTq9HH6vERZTYi-WBFYazvFmqQWQ8DBKJtcVHkUvvrsOf5MVuieJyin5_J0D7cqdtnnR948R8nxBE_zBn447mcx7vhwcZFHAYVN0LBn8PIGI8qmZ_x5573xAPpON6eliheF8me1c4tcJ82tm9tYS1Iy4pniKlJ2CDkHM3KnSLvN7XUW8Zz8ut7644bqO_Gc_fQDPUfEJO-GaOs8U1VyNrCGpjB8Bk__xDDvTNIruWrSkITpCnb7yM_pdFtnDPD_jL8YzHcOZvK2udUOnzPeSZf8GHAhoAyuKTlQ8k9WMbRWoWG160dnBe3vkaS3LF0FR3QseslZEMbkbLDFRTeD2AaEkFPdneDSlI8DOkosnGwVXxjc26_ESPZbzTXa9DswFqS25skFGgwCY7AQfPyuSeXf-FGbDd0XSZJyQueG8R8dqKqs3lNlBF5RK0t8_G1XWzJatHB2FQWtbxfBKhXoDOpySPMsU3PH3zwYTXNZIRsiRs5BqbM7czV3LMc0t1RTtsv14YzghHS4M0KfgE2zrENAl9KV1EWdA0y_8HoMfxd3u4bk3wwmsj8PEu1lheHiSUpCC-ApJlUJORA9BjTNb1m57cmRJC23SeyS2ubRYt3bBbzujvqsucy3IBhOSGcElE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.metroflog.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DB23 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_46YnKllF84-abOyACOpzA6MxfTlTO4R4Q8pEJay-zQ2CXVnndpLerRg8L5IHnI9W-2zp4VndnlxJL8_2TXN2EyrtDImVHenst_CN38OTu5WQQnaG572O&sig=Cg0ArKJSzAKP_3kUpQDLEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=255705853&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702422557787&rpt=244&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 9CA9
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=12dae442-4c26-494f-a407-bc7b22bf07af&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=78660f27-9040-4d1a...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=20a7ffcbaee7458c93994c7181c7ff15&tids=15000&med=10

0
18 B

68ms
68ms

Image
text/plain

2a02:26f0:e600::170f:b1f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=20a7ffcbaee7458c93994c7181c7ff15&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:e600::170f:b1f8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A951452D4E1494FAE412D8F6EBA88AF Ref B: FRA31EDGE0214 Ref C: 2023-12-12T23:09:19Z
x-cdn-traceid: 0.f4b10f17.1702422559.c186b50
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Dec 2023 23:09:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F96840B8823480E9AE3ADE9D9F73911 Ref B: FRA31EDGE0210 Ref C: 2023-12-12T23:09:19Z
x-cdn-traceid: 0.f4b10f17.1702422559.c186b29
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=20a7ffcbaee7458c93994c7181c7ff15&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H3

200

c.gif
www.bing.com/aes/ Frame 3483
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=4c8d541a-7bb9-49a6-941c-cde1750a9f8d&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=35acb2da-7c7e-4791...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ff03334618e469ba305d20949665a76&tids=15000&med=10

0
18 B

65ms
65ms

Image
text/plain

2a02:26f0:e600::170f:b1f8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ff03334618e469ba305d20949665a76&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:e600::170f:b1f8 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69E62C714BD84B68A12048BA2165EC00 Ref B: FRA31EDGE0217 Ref C: 2023-12-12T23:09:19Z
x-cdn-traceid: 0.f4b10f17.1702422559.c186b53
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 12 Dec 2023 23:09:19 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A9762BE71B245FA998E0F2BD853443E Ref B: FRA31EDGE0712 Ref C: 2023-12-12T23:09:19Z
x-cdn-traceid: 0.f4b10f17.1702422559.c186b2c
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=9ff03334618e469ba305d20949665a76&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 3483 0
556 B 29ms
29ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QKVB-iVAwAAAwDWAAUBCJ3Q46sGELveoZ30mrfGXRgAKjYJAVWgi6rVtT8RwrSpfc5ItT8ZAAAAYGZm8j8hwg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR43vMFgAEBigEDVVNEkgUG9KwCmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCJGh0dHBzOi8vd3d3Lm1ldHJvZmxvZy5jby9wb3N0LzYxNDQ2NYADAIgDAZADAJgDCaADAaoDmgMKsAJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD0zNWFjYjJkYS03YzdlLTQ3OTEtOWExMS0wZmFiY2NlYTU1YzkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTM1YWNiMmRhLTdjN2UtNDc5MS05YTExLTBmYWJjY2VhNTVjOSZydHlwZT1udXJsJnRhZ0lkPTY5Mjk0OTkmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNjc0MTAwNTU1OTM3Nzk4MTI0MyIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpOemt3TWpjMk1EUTJNREF4T1Rjak1qTXpNRGd5TnpJeE1qTXlOVGsyTlE9PcAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAX8kOCxrOag-mPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX1tQb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAE-eAAQABgA4AYB8gYCCACABwGIBwCgBwHIB97zBdIHDQkFIwAACSYI2gcGCbqo4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=9d9b54ee65691510320d255377b9a915c8233be3&type=pv&jm=1003&px=96&py=0&bw=182&bh=90&sf=1&sid=4496275971657558764&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
an-x-request-uuid: c9498647-727a-406f-bdaf-096351a6fb66
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3483 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpI2SFlmibYs_tDJ3PBsYqlbo65Uxjxxi_AYwMn662FzYTn9IS1dYRKtQDxAImdrpdHXoz9DIlXdmebdGtYXhNdwEwHkFyfYEuQAZLqE0FaSUoRdMowKme&sig=Cg0ArKJSzGkJSiGdG4pqEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3026302014&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702422557798&rpt=356&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 9CA9 0
556 B 53ms
53ms Ping
text/html 185.89.210.180
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.metroflog.co%2Fpost%2F614465&e=wqT_3QKWB-iWAwAAAwDWAAUBCJ3Q46sGEICP1Om3tsXQOxgAKjYJoPdtTXtNwz8RIdHn0PTQwj8ZAAAAYGZm8j8hIQ0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4kPQFgAEBigEDVVNEkgUG9KwCmAHAAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAvAG4AKiqDHqAiRodHRwczovL3d3dy5tZXRyb2Zsb2cuY28vcG9zdC82MTQ0NjWAAwCIAwGQAwCYAwmgAwGqA5sDCrECaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9Nzg2NjBmMjctOTA0MC00ZDFhLTllZDYtNzViOTA4MDgwMzE3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW5pdD0zOTE0NjYmcHVibGlzaGVySWQ9MTYyNjQ1MzMwJnJJZD03ODY2MGYyNy05MDQwLTRkMWEtOWVkNi03NWI5MDgwODAzMTcmcnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9dHFjZWNuZmYmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM0Mjk2NzM5MzgwMTMyMTIwNDQ4IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTROell3TWpNM01EWXlOREFqTWpNek5EWTNOVFV3TWpZMk5qVXdOUT09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBZ_QpNz6qtHaacAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBfY1-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAk-dBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHkPQF0gcNCQkkAAAFJgzaBwYIBQmo4AcA6gcCCADwB7-DDYoIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=a492e05e747e022df364d40b3d4f755f42b1990b&type=pv&jm=1003&px=0&py=0&bw=320&bh=162&sf=1&sid=4496275971657558764&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
an-x-request-uuid: 967b24e1-709b-461d-aa4e-e3e4fb609cf4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.107.233; 176.10.107.233; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CA9 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWOJYP9stTfOJmXps3NsKXGuNLrJEhYYUz55l26DsLFvEzVRNGUmZsZzXwvpy08MOkP2g8X14cviqwrkIsKMYO577GNamTj2m7jnz5jXBgfAOybd5aU9To&sig=Cg0ArKJSzLzQZLaPfrppEAE&id=lidar2&mcvt=1000&p=0,0,250,320&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2413771843&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702422557518&rpt=684&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 23:09:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

290 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.metroflog.co/post	1970-01-21 02:29:42	Name: ad-con Value: %7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2023-12-12%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D
www.metroflog.co/post	1970-01-21 02:29:42	Name: _us Value: 1702508956
www.metroflog.co/	1969-12-31 23:59:59	Name: PHPSESSID Value: a6e512577614fd09aa12e02388ec6870
www.metroflog.co/	1970-01-21 02:29:42	Name: mode Value: day
www.metroflog.co/	1970-01-20 16:55:08	Name: access Value: 1
www.metroflog.co/	1970-01-21 01:39:39	Name: src Value: 1
.metroflog.co/	1970-01-21 02:29:42	Name: _ga_BRPQG63SEQ Value: GS1.1.1702422557.1.0.1702422557.0.0.0
.metroflog.co/	1970-01-21 02:29:42	Name: _ga Value: GA1.2.1468436066.1702422557
.metroflog.co/	1970-01-20 16:55:08	Name: _gid Value: GA1.2.1403711203.1702422557
.metroflog.co/	1970-01-20 16:53:42	Name: _gat_gtag_UA_171486116_1 Value: 1
.metroflog.co/	1970-01-21 02:15:18	Name: __gads Value: ID=1a6d012da10205c8:T=1702422557:RT=1702422557:S=ALNI_MYi6omwhpQuPisGYVhMhGEnYUNSkQ
.metroflog.co/	1970-01-21 02:15:18	Name: __gpi Value: UID=00000d1913189e00:T=1702422557:RT=1702422557:S=ALNI_MavCiTIliPbknQJEoXRYOdCy4K89g
.doubleclick.net/	1970-01-21 02:29:42	Name: IDE Value: AHWqTUm0WmzIWFmdNbyZtsRBWt0urbJ8t6IQDDkgBubOieq7tYImHKM7cC0unhvOrUk
.bing.com/	1970-01-21 02:15:18	Name: MUID Value: 13B4AADD06FB66282F16B93807576749

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsdk.microsoft.com
ams3-ib.adnxs.com
b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
cdn.adnxs.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
metroflog.nyc3.digitaloceanspaces.com
pagead2.googlesyndication.com
region1.google-analytics.com
sdk.twilio.com
tpc.googlesyndication.com
unpkg.com
waust.at
whos.amung.us
widgets.outbrain.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.metroflog.co
zem.outbrainimg.com
146.75.118.132
162.243.189.2
18.66.27.51
185.89.210.180
199.127.60.238
2001:4860:4802:32::36
213.227.153.220
213.227.153.224
23.32.184.180
23.32.185.60
2606:4700:10::6816:4aab
2606:4700:20::681a:507
2606:4700::6810:5714
2606:4700::6810:7eaf
2606:4700::6811:190e
2620:1ec:46::63
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:813::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:26f0:e600::170f:b1f8
2a03:2880:f083:9:face:b00c:0:3
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
03d7e4f5c8675c3d1136dccb316350f2409d5e79826b79b74fef108644febb9e
07027d6ee63778f45318a30f3cb591aa7521051c9ca5f714579d9835adc67296
0768119997d40c04b6089821d3f39588f7b1bab944317b38f775e03c30424c3b
0a1c81a31807d8061e05be2d20b4f18fa6ca2cde2160309cb2ffaf6ec621e681
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
15f086987988b9251572fd747d428c3a77a2862db8d5996e69115c9f74c549be
1966806bb5d5e6a86f4189e2fad00d1123d45852e3c6b51cf0224de3c40a60e5
1aee9646496df3de9154c2f3f54326d30d6122914e535ff3284fe5875d650e05
1b68bc7f2116741a1416a43a9e253d79afbcb25b603ab544c7fdf79c5959b468
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
22de26646ba1f8db6fffcaac956c7ffe2f8c2f81fd2d2fdde2d0fc9ace808c87
286649594aa2977e56c3df4a6b84ba0ded3ef74f8f4ec6739cdc853eb0da632f
2a25a841bdb9b41efdbba9815fd37be806319572f41bf88b4b41384c8444456c
2f0d5fae8e3f1757b2b542803b94b052bb965cc086fa7c493fdea108fbd5e1d8
2f952b0cbf39a677377554aea51121596bab1de9fff0aadd137b20fbe42bfc54
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4040beaa2f7989282350e39e4b4f3062a9880bc4d20dd7bbf74319f0defeaf1b
416034dfc369c194a41e4dfc5ce8d828fc434440b76639ede247c961004eda76
4dd7ca26366191c4c87d0da61ec047712e0631ec11e521d7a184a048499d27eb
4e3db43e0e3bb334dda61e4f492c3652816bd25f0a7c015e9bab01997b3c3e3f
50fa6eada22f53cb20d2461bbd4a4ef64b69f7a0af4d3e1c308183abdd30381f
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57141aafa799e33e3298927a29eb8de0d6af97789a54087bbbaa69148a0dcf71
5aefdd61b6f9d3c22f4f949d878696bffee60cc009f02c0e0e665faad3d51490
5cb422bd49ef4e1a0e265785dcfaa8a6736e718489182996d52f9d546e818306
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69422ce46387135f72f3759c345a61ee5f87e6f477298f1d4c089cc8f3c30bcc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
76e59b833365e36aac8c891e1e84d05d78cf8f5219394f52c1f701c70f943819
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
8058640a8a727778ce5834785a9f4cdc7599bf11d2846ea28726c14d335dd83d
8359690475ef017d0c141a876c4e2ee48b7802205424f3f0766831edb0e7649c
8a2adc2503ad54f82eb44d4ee78def01cea1bdc23268ac1d34a844318696b8a9
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
920cd13901db3df43b834b71583becded744b238626e6a84715177b2ab6f9f43
940fcd0e6f76d0b4a941bdceb34a85cd4840832532fc399d80c7bc3527b636e5
9518e793c62b4b879f4395262afb1e8353d7806e3f68fe1db3cca31867aba09c
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
991c7f9cc3525473bf078d7182797b745775483cee1a5296c6df7e188b1c7117
99cccda16c4c7216db016e9d61676c492598067dd76634af0e263e78b99fffb1
9a8ddf605e5d40f34a0f862222f62de1473b77182ff87aa39cb79d2a211ca85b
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9e9a136ce6e7aef88eb57380102c505ad39ebdb578eaff424e37c96107d3e9f6
a5573107e1872ba2de3e27aff1383633e7be17702134dfae07bd1dc01e5c64e7
a59ad235d9f2b03c08aad888ded2f9bfd816132c596c6d3743d07b40d045191b
a8809d962a56732e4db4cdea94557fc29c8179b7bed5d5ad70e90bfde650115e
a9e5056785e94856ac36442f7203138fd1ffe549c1164ac17e83acc7c08ac460
aa8d026a6e17274410d3a5e70a20856018771835d4e398f7969529f9e9b6c815
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b45fee561e819987ad6498faf1e912d52cd86360c005a8ad1aaa5e61b5c91965
b6b773a86da5677a464c063e29d0faa6b3174864718b07fdb412b1fd9df693f9
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3
c3180e12eb685444ab411102850ff11a8dbf30e573348e0ad8a82cefb49132f1
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de75657576fd0b6e47dfd2755cc5571e0f95bff4407e59ed470608222978cadf
e0b58dcabdcbe870c73b0f8aac6c00d0e3c63e06812a839811d27277ba2c8580
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7447a499d6f23dd8a9166cf5ac7c857b9719b8a6625be498cae852de34395e
ef88215fb4967fa2858b743e62165452c73bb9779994aef84737318983b7ab22
f2805738c88d06ac3b37e0d46286b76256cf3b2366528194fd99eca56b58f250
f5f49770d9b13beb49ce66866cd25b9fc5a19b3c28297c3785d0e606a84f7fcf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7bd3f8e05835e2b81aacb7207cedd7e908f52f46fbae03e72c1908da987b6a
fba4f1463a092295138ef8f0f29d1ae963403dd865238e017ea720470d71d1fc

www.metroflog.co Open in urlscan Pro 199.127.60.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

95 %HTTPS

68 %IPv6

23 Domains

28 Subdomains

29 IPs

3 Countries

2542 kBTransfer

6709 kBSize

14 Cookies

2 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.metroflog.co Open in urlscan Pro
199.127.60.238 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

95 %
HTTPS

68 %
IPv6

23
Domains

28
Subdomains

29
IPs

3
Countries

2542 kB
Transfer

6709 kB
Size

14
Cookies

103 HTTP transactions
5 data transactions