metrozone.newsroomlabs.com Open in urlscan Pro
2600:9000:223d:2800:8:787e:6600:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://metrozone.newsroomlabs.com/
Effective URL:
https://metrozone.newsroomlabs.com/
Submission: On December 23 via api (December 23rd 2023, 1:38:40 am UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 29 domains to perform 134 HTTP transactions. The main IP is 2600:9000:223d:2800:8:787e:6600:93a1, located in United States and belongs to AMAZON-02, US. The main domain is metrozone.newsroomlabs.com. The Cisco Umbrella rank of the primary domain is 17614.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 31st 2023. Valid for: a year.

This is the only time metrozone.newsroomlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:223... 2600:9000:223d:dc00:8:787e:6600:93a1	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:223... 2600:9000:223d:2800:8:787e:6600:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2.18.97.54 2.18.97.54	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a03:2880:f27... 2a03:2880:f277:1e8:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
2	95.101.197.152 95.101.197.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2600:9000:205... 2600:9000:2057:ce00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
7	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
15	65.9.66.120 65.9.66.120	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
10	2600:9000:249... 2600:9000:2490:1a00:e:22cc:ba40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
2 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2.18.96.187 2.18.96.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.64.149.180 172.64.149.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 3	34.197.7.44 34.197.7.44	14618 (AMAZON-AES) (AMAZON-AES)
1 1	46.228.164.13 46.228.164.13	() ()
1	52.223.40.198 52.223.40.198	() ()
1	35.156.152.149 35.156.152.149	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1	2607:ae80:4::26 2607:ae80:4::26	26558 (FREEWHEEL) (FREEWHEEL)
1 1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
134	41

1 2600:9000:223d:dc00:8:787e:6600:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

metrozone.newsroomlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:223d:2800:8:787e:6600:93a1 (United States)

ASN16509 (AMAZON-02, US)

metrozone.newsroomlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.97.54 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-54.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:1e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.197.152 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-197-152.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ce00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 65.9.66.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-120.fra56.r.cloudfront.net

ib.isappcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2490:1a00:e:22cc:ba40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cloudinary-res-news.isappcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t-mobile-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.96.187 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-96-187.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.197.7.44 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-7-44.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (None, ) 1 redirects

ASN- ()

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.152.149 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-152-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:4::26 (United States)

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	newsroomlabs.com 1 redirects metrozone.newsroomlabs.com — Cisco Umbrella Rank: 17614	616 KB
25	isappcloud.com ib.isappcloud.com — Cisco Umbrella Rank: 6364 cloudinary-res-news.isappcloud.com — Cisco Umbrella Rank: 18337	99 KB
12	googlesyndication.com b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	90 KB
8	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 dsum.casalemedia.com — Cisco Umbrella Rank: 1364	5 KB
8	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11657 log.outbrainimg.com — Cisco Umbrella Rank: 3044 images.outbrainimg.com — Cisco Umbrella Rank: 2858	12 KB
8	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2138 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4308 mv.outbrain.com — Cisco Umbrella Rank: 2682 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7106	105 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424 bidder.criteo.com — Cisco Umbrella Rank: 776 mug.criteo.com — Cisco Umbrella Rank: 2811	15 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	179 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 rtb.openx.net — Cisco Umbrella Rank: 695 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 t-mobile-d.openx.net — Cisco Umbrella Rank: 84370	1 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	15 KB
3	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 517	2 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 ads.pubmatic.com — Cisco Umbrella Rank: 544 image6.pubmatic.com — Cisco Umbrella Rank: 793	6 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	74 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 10013 flint.defybrick.com — Cisco Umbrella Rank: 9116	20 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 s.amazon-adsystem.com — Cisco Umbrella Rank: 285	74 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	132 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 644 cdn.indexww.com — Cisco Umbrella Rank: 1640	2 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2999	181 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 526	654 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	506 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	adsrvr.org match.adsrvr.org	149 B
1	turn.com 1 redirects d.turn.com	416 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1868	20 KB
134	29

	Domain	Requested by
27	metrozone.newsroomlabs.com	1 redirects metrozone.newsroomlabs.com
15	ib.isappcloud.com	metrozone.newsroomlabs.com
10	cloudinary-res-news.isappcloud.com	metrozone.newsroomlabs.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net metrozone.newsroomlabs.com tpc.googlesyndication.com
6	log.outbrainimg.com	widgets.outbrain.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	metrozone.newsroomlabs.com securepubads.g.doubleclick.net
4	gum.criteo.com	2 redirects static.criteo.net
4	widgets.outbrain.com	metrozone.newsroomlabs.com widgets.outbrain.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	i.liadm.com	3 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	static.criteo.net	securepubads.g.doubleclick.net metrozone.newsroomlabs.com static.criteo.net
2	cm.g.doubleclick.net	2 redirects
2	eus.rubiconproject.com	metrozone.newsroomlabs.com eus.rubiconproject.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mug.criteo.com	metrozone.newsroomlabs.com
2	oajs.openx.net	1 redirects metrozone.newsroomlabs.com
2	mv.outbrain.com	widgets.outbrain.com
2	flint.defybrick.com	rock.defybrick.com metrozone.newsroomlabs.com
2	c.amazon-adsystem.com	metrozone.newsroomlabs.com c.amazon-adsystem.com
2	platform.twitter.com	metrozone.newsroomlabs.com platform.twitter.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	ads.stickyadstv.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	x.bidswitch.net	ssum-sec.casalemedia.com
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	d.turn.com	1 redirects
1	s.amazon-adsystem.com	ssum-sec.casalemedia.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	js-sec.indexww.com	metrozone.newsroomlabs.com
1	ads.pubmatic.com	metrozone.newsroomlabs.com
1	t-mobile-d.openx.net	metrozone.newsroomlabs.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	images.outbrainimg.com	metrozone.newsroomlabs.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	metrozone.newsroomlabs.com
1	fastlane.rubiconproject.com	metrozone.newsroomlabs.com
1	rtb.openx.net	metrozone.newsroomlabs.com
1	hbopenbid.pubmatic.com	metrozone.newsroomlabs.com
1	bidder.criteo.com	metrozone.newsroomlabs.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	rock.defybrick.com	widgets.outbrain.com
1	syndication.twitter.com	platform.twitter.com
1	widget-pixels.outbrain.com	metrozone.newsroomlabs.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	www.instagram.com	metrozone.newsroomlabs.com
134	54

This site contains links to these domains. Also see Links.

Domain
paid.outbrain.com
www.outbrain.com

Subject Issuer	Validity	Valid
newsroomlabs.com Amazon RSA 2048 M02	`2023-03-31` - `2024-04-28`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-10-01` - `2023-12-30`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-04-09` - `2024-05-08`	a year	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-11-12` - `2024-02-10`	3 months	crt.sh
*.isappcloud.com RapidSSL TLS RSA CA G1	`2023-07-23` - `2024-08-22`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://metrozone.newsroomlabs.com/
Frame ID: C0C84E5BDF2F1B1B8C34521F792D30CD
Requests: 90 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmetrozone.newsroomlabs.com
Frame ID: 0267D509774708B0B3E7C5941071C848
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=metrozone.newsroomlabs.com
Frame ID: 509E77976213E651F8049DF031FB6014
Requests: 2 HTTP requests in this frame

Frame: https://b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9BBAB0E220C371E5092053FE768FB747
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 6B326529C9EE9C9933C235B4DD5F73BA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 4D6CCFCF217BBA628697B8634613D569
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: AEDD568B8003B8114B868E17136228B3
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1128614E266EAD7C4F6FC75407F16754
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 359D150B475F2EE88C402725C8AE443A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=metrozone.newsroomlabs.com
Frame ID: C710A86811C23AAF54DD713F179D2D41
Requests: 2 HTTP requests in this frame

Frame: https://t-mobile-d.openx.net/w/1.0/pd?us_privacy=1YNN
Frame ID: FB17CE6C3F8ED75CB3344534337827A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161760&us_privacy=1YNN
Frame ID: 46B8A4EED49D137676EF6979D76DD02B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Frame ID: 46C0D6AD67C0D620C795AEAFF91566F7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D438480345447F0382D72A74B9E4C2DE
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 69A0F3EC7610BA093A055FBC82B39831
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Metro Portal

Page URL History Show full URLs

http://metrozone.newsroomlabs.com/ HTTP 301
https://metrozone.newsroomlabs.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

134
Requests

94 %
HTTPS

48 %
IPv6

29
Domains

54
Subdomains

41
IPs

6
Countries

1609 kB
Transfer

4368 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://paid.outbrain.com/network/redir?p=-EQ_zTdO0GUzIqBabhmwDCaIw8TUm-lddDtMM_KN8YohL41vUcEkynD52t4Nv597LJUT6s2bo9DJgIJiN67GJAdaQattRJdnfLmW40aIujqzl6fdr1W7ghVpKvaR8Z0ME9pCNtC2stJ5p0cKb7JWAbTyS94AA7NmV697uVpUB5ME5PXRLkWiUtfiWhXUE4SqR68uT10poczCWIP9z6H6jjF-c1RiiwP0rOi8T0cNjolfWue0Mq6bxn24YHkta8KrEiyGzX_nbgGv361hK_9Oj8t0wsV4oeS_1JdXCTH6aUOwl3lLSvgLG40exs7JQozH0hqCquYEjwaqXfC_J16x0DoRtL2HiBiwTpD8nziLoLr7LcmLDxPNKbmdqd6593EjcFxfM4cpFFCOQBLRFEYGOVri_ARdcYm6FRvWFyUoXje_mDLcO9mqAaIzYLUiR7mZkv3oSNZNWo4RVvqZqOp3kaNqh1ZF49Votj6RQADIhdo8yDODcmA3cU7iD6MGD21xfleDNK2_ajfjJzy-SodlHNhgRy-CpKdPdjdid4sekWerz6rXT-F8ePWDZc3GR-tWMyu-atf6qmBB3a6EI6e-iDWtiJ5y_gbD5Z1hOI5773XJOF9bJKQ43MIixvW3LFc8cBtB8XQ1GtkzHkDy_J7llTMyOV683MMllZ_OXErMxnGKLlUUv2nZpsxlegnw1lZl3lPIC6LuIt2473ffM6rRutVFUHP65E4o0QerMK6ubXiiTXmYApxWH_yvllLcuCs4eKXFBSGxWiR6dgLq6lBo-Us0TlYI-sugU7iI2yRWbeZbCFvi2nVHf7earZ7O2nCwM0MjTZZ1foIxH55pgw4NtEWVIfKTnF-O_QVxPugt1leGi13FlDh3wxCdDek5LaymOjyks1-kqbJno6iBZNIuu4E8GppYRbsaF_E2fGp6bqLo1QfD4FnMdMMRGMGoL-BVoqMsyn--ujJlGKZGy7LdCcL3lV1YvXgvJ42eiQWxnWeD-jhJvfb9b66rgmGwucOtTAgXGav-Wdt5MGzA2PyVCJ9mDP9rZR3_sqKJoO9PRGJMGGCd17cjAmZaL5-b4iLV&c=d2589132&v=4
Title: Ein einfacher Trick gegen Sehschwächen (jeden Abend anwenden) Seh Protokoll

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://metrozone.newsroomlabs.com/ HTTP 301
https://metrozone.newsroomlabs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1

Request Chain 72

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsroomlabs.com&sn=ChromeSyncframe&so=0&topUrl=metrozone.newsroomlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=l0Cg-nx5WG92cFdVejE1dzE1aFJjc2ljQmxSTm44a2JYaHpzZHhPV2ZvVWlTUnlsSmNSTTdOOTJJY3BNRmcrby9iZEt5L2hHYkc5Zk5aWHRid2t3QmNDMGNybUNiS2d3M000MmgwRTNxcHZoU1hnanRMeUd3UWljYWRkS2VaUWFsT2x6NDFwR3Q2Z3hCYTM2SXdZUDg3bGdMWklJWkc2TzZzVnlXSGxOS0MyWEVKWEsxcjBlSWZYdHU3VjNCSkV1UWxkQkpaWmZrbitZRzBNdDUwdyt5REwrZHU4Sk5CaWNZWHhsSkpjckRRVjg2c0dxSFd2WWpyR1cwSTN0S2J3dDdKYnIwSGZ5OWtLSkhlbUlzZlFvam9yYWxHTERlalJkejc3YVkzdVNnSm9BMk5OWT18&cppv=2

Request Chain 116

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsroomlabs.com&sn=ChromeSyncframe&so=3&topUrl=metrozone.newsroomlabs.com&bundle=CkNE019lTnpvbUxqZ0Z0YVFSMWNsRVZicHR1enlLTFdLJTJGVGRkNGJ3NVN2aldrUDNKcGVNdTdkTFRrUDh5YklodHRLWEYlMkZpS0ZxSjEzY3lNTFYxbWRwaVk4VWw0bmNiajRCYUJDQlU0MmljNCUyRjFuVEREbWo0MHpYdHVkM1dmUWtnaTJWMmJFenhHYVVhbjBKM3FOUGNyQWVScnJGQnElMkJLWDklMkJ4d1VPOFMxWUZZVkxvJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8d1n63xMUklrQ3ptZ3hpTXVvL2NJV1BZaTJjSStWeGpBc3F2NWc3bnZOQ0Y5R0pucEppTitZN04xVUdFUThJa3ZRTGMwaU5Ic2ZSWkU1MlZaZXF6ZjlHYlE4SjZsRWI2cWZ5Z2hjd1F5NUgwUVZWZlRMcmdnRmJ0YXRJaC9lN0RIVll0YXErL0FFN1BTaVYzZElwd3FWUXRmS01EcTUyM2RHNkZJclN2cHRkSzMwSXBTRXh0WFNJSkFBUWZrTmxqaDVyR2YyazdyR29NeFZTM3o3dCtwZ3B1ekIydjU3OHIzMkRJeGlUOUZ1cXFTVWdsYmdvdzRlRklhejdvTTBCamUvN0NNbUpIaHppVnVheTJBamN1M1JydlhycmtrSjFwRWx0OXFtYlJvYlBNZ3pHUT18&cppv=2

Request Chain 122

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYY6HraDGc1pXhdLis6pegAAFF0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHbTK8voO8I4JycBy6ODd5w&google_cver=1

Request Chain 128

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYY6HraDGc1pXhdLis6pegAA%265213&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYY6HraDGc1pXhdLis6pegAA%265213&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=227747d6bd584b18bd8175347c7e0443 HTTP 303
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7377187449251609913 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

Request Chain 129

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYY6HraDGc1pXhdLis6pegAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDmbE4lb9WUW5jQwgiqMAU&google_cver=1

Request Chain 131

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=JC-APyF7iWw_eY8-I3yVbCspiz0_I9w7K3vzNngX

Request Chain 133

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1703381918

134 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
metrozone.newsroomlabs.com/
Redirect Chain

http://metrozone.newsroomlabs.com/
https://metrozone.newsroomlabs.com/

3 KB
2 KB

130ms
40ms

Document
text/html

2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b55aab87cd66579a7d183628d4550f5249ddedc061f9f6d9779776754ad1d65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28942
content-encoding: gzip
content-type: text/html
date: Fri, 22 Dec 2023 17:36:12 GMT
etag: W/"20106711e922898da439f0a04dd1dbc9"
last-modified: Wed, 15 Nov 2023 13:52:23 GMT
permissions-policy: geolocation=(), camera=(), microphone=()
referrer-policy: no-referrer
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-id: SYaHNSJM2fWWnMNw78gqzAjkPluOPC0XAJgwSvK22cG1gW8pNii01g==
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 28VbCNFClC0iRtzquI39DUCpoWI89VFJ
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sat, 23 Dec 2023 01:38:33 GMT
Location: https://metrozone.newsroomlabs.com/
Permissions-Policy: geolocation=(), camera=(), microphone=()
Referrer-Policy: no-referrer
Server: CloudFront
Via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6JrKCJgdWAMIrgRmht9THqQZAx5IGrwgQFD1cUJOgCKRdqABAdf5gg==
X-Amz-Cf-Pop: FRA56-P3
X-Cache: Redirect from cloudfront
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 238 KB
86 KB 142ms
42ms Script
application/x-javascript 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 851b15749bdce6b4f58814f99abe29b48aa8e99d8ab4adda372a36f6d30ca155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:33 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 12:50:34 GMT
etag: "17-YF4NEwPhpcBtYuB59xWNyCGnEfY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: b58ad060d33c7ebaa156ce689e286fbb
timing-allow-origin: *, *
content-length: 87947
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 203ms
116ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0af29fe5e474bdfc5ee8e4125959ea49a5c3cc5d84fc0ab219c09e47d1b340cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29056
x-xss-protection: 0
server: cafe
etag: 257 / 19714 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 01:38:33 GMT

GET
H2 200 prebid.js Show response
metrozone.newsroomlabs.com/ 396 KB
126 KB 170ms
169ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f85da131ac714331f64da5b36098bfa49ea11be96a63efa842fc72d31fb42a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: UsswW4ckNDEZo0_IRz_MoZSbahvrxZej
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:36:29 GMT
last-modified: Wed, 16 Aug 2023 08:44:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 28938
x-amz-server-side-encryption: AES256
etag: W/"8fe5147fffd599301d295dfcfedc3a38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -ajULRyLAg0E99UvHIa6EcUoZCD5P3gsRrC6K2ALy8vWkgorEmXPqA==

GET
H2 200 apstag.js Show response
metrozone.newsroomlabs.com/ 682 B
1 KB 188ms
187ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/apstag.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebabe313f704dfee2c57962abb10e4b6342b1c78622796f59ad8175ff9cf160a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: DFY_78_IEzJjhskJgSlaKY12xRkSxDqA
date: Fri, 22 Dec 2023 02:54:42 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 81898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 682
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:19 GMT
server: AmazonS3
etag: "388455d0e3c35033e1593b0f8ee9c32b"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: aLA4vJlYErh_jy0jOrhymKZ5xkuj99FYILXrZCBy2SaY7E4XfSzPvA==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 164ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 01:38:33 GMT
Content-Encoding: gzip
Age: 640
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/669E)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 embed.js Show response
www.instagram.com/ 55 KB
20 KB 262ms
168ms Script
application/x-javascript 2a03:2880:f277:1e8:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:1e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8745533655cfb55a71a3ac093748cdf33b78157a6ed1c8e00289a30f02aeae6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), gamepad=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 01:38:34 GMT
content-md5: LY7Y2HHlDZgt2NMWVSsPMg==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19659
reporting-endpoints: default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug: mA5W+pWeA+g9Cv5Sr3IM6GubVOrWcirWaFan2UJ/76hyDm0Eeo7M9xORtqFNEvBLZE2PWYpj4fWqsVpV1jGytw==
x-fb-content-md5: b0df3b3fc5a1b22ed529489f32b753ab
cross-origin-opener-policy: same-origin-allow-popups
etag: "6f0a63c227a6d55ae3f8293a4e3afd21"
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(self), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
x-frame-options: DENY
timing-allow-origin: *
expires: Sat, 23 Dec 2023 01:58:34 GMT

GET
H2 200 index-7c388226.js Show response
metrozone.newsroomlabs.com/assets/ 338 KB
103 KB 49ms
48ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49ce4459f4c40f12bd7fbec55bdc5e425d547f01b492e5da8ce1574428c27746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 1C7_2STeL3mJlS2SNLZs3DdpyHdcIjaZ
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 15:14:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 37492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"7548444a0f3ecdcbc79be609c818f471"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: tBB8o9NAQxPiPWxYbiiBkJCotL7pzAnZwTeDQXGNXeXzluhWQCtCrg==

GET
H2 200 vendor-326855bf.js Show response
metrozone.newsroomlabs.com/assets/ 638 KB
201 KB 49ms
48ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e51d4470e21d70ec4b3003734c561e748a273918d71e69201c2ef451c0b0d432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: KD2y1I3bNCEiyoHQOqYqatksdiQIJlyx
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:06:22 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 30991
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"a4c49a3fc04acb6a46d361ad0fda1324"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: inMXSct8IB7VXrNKUuhjiYGjHU8XpAms04hevt-9IPdzbnkPxcJg3w==

GET
H2 200 index-361a481b.css
metrozone.newsroomlabs.com/assets/ 15 KB
4 KB 42ms
41ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/index-361a481b.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

361a481b9b89e4ccbc206408d2444ad4333650357126f47e6547b46f92ba4a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: WN8agfSJ4zXwYdeoClfsYXNO3XBCQcrl
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:38:17 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"2097a50e9c6fab602f497f8c4c34ea04"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: LnmelgiusCfIkMRuUeK1QiixbxgTjRxNkpC3nm55Wy18ycOmTWl8CQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 150ms
44ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:21:16 GMT
content-encoding: gzip
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 1039
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: qTBni4yYC2VpFxS-OT1gGLh6dOiT-Ojid5PpjLlOXPeReRA6q1JIPw==

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 0267 319 KB
104 KB 39ms
39ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmetrozone.newsroomlabs.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 980215
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Sat, 23 Dec 2023 01:38:34 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55134
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 10:19:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 458 B
240 B 157ms
74ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=metrozone.newsroomlabs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd47bf27d565fc9cdc869642aa94a83dc119778db2f05b03a7eb004b68d48696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 215
x-xss-protection: 0
expires: Sat, 23 Dec 2023 01:38:34 GMT

GET
H2 200 gotha_pro_reg-12940050.otf
metrozone.newsroomlabs.com/assets/ 45 KB
46 KB 42ms
42ms Font
binary/octet-stream 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/gotha_pro_reg-12940050.otf

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-361a481b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

12940050936a155b6ce63dba4c41cc026fbe46f3fd3fe3f1175844ee463c724d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: V3CNaVZ7AyD0ml8IWJ_F7OGKao_dRHNy
date: Fri, 22 Dec 2023 17:37:19 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28876
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 46096
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: "aafeb23794c0546aa78e6d11e49ef908"
vary: Accept-Encoding
content-type: binary/octet-stream
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: iZ6RHTmaSxeQC5lm2APF21zTsdUB2lDzfSdZjTryUwWW_q9T_iOwzA==

GET
H/1.1 200
OK bWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
461 B 168ms
41ms XHR
application/json 95.101.197.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/bWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.197.152 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-197-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 01:38:34 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=32274
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: decc644d89b6dce46a9b6f4315281a1
Content-Length: 15
Expires: Sat, 23 Dec 2023 10:36:28 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 79ms
42ms Image
image/gif 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 01:38:34 GMT
date: Sat, 23 Dec 2023 01:38:34 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0267 869 B
657 B 239ms
150ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=feebadede0fee6eb7b64f30664f065e72c62ca8d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmetrozone.newsroomlabs.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 110
date: Sat, 23 Dec 2023 01:38:33 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Sat, 23 Dec 2023 01:38:34 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: a541deeb629c35c2
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: f511c8814c26d7649256842a0c835698ad8cbeeefde7a187638bc23857cf0a4f
content-length: 337

GET
H2 200 portal-5c04e09d.js Show response
metrozone.newsroomlabs.com/assets/ 8 KB
4 KB 48ms
46ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/portal-5c04e09d.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2fcba1498d13ee93d09768243352c8105674c9374d502bad1cbfcc7b49cdb583

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Pjn3mHVSb5rypbVs5Sbjnp87swZVz4.j
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:45:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28359
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"2e0380321a14bc9a9bcaa3d2fb7ee6e0"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: HkU-E-u6dWddsgfaXlSKLzY1xnKUXuhd5yN7mx5jUaCiy_Td45wJCw==

GET
H2 200 GeneralArticleFeed-e52150d5.js Show response
metrozone.newsroomlabs.com/assets/ 46 KB
16 KB 48ms
46ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/GeneralArticleFeed-e52150d5.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e91399e60ed15ff29f3c4a40f6a1e549cde8a9e724ad90809b79f87cb8b3f9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: V965Sf9Btn8mlJY.OO7wgzkPcktKmeLr
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:19 GMT
server: AmazonS3
etag: W/"0111e1fff103619a33b69afdd4e43acc"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: z3KxRutGikuV5tX4bYp9XFY43oko9aSkGFKzaPOzV0nkkytPjT2m-g==

GET
H2 200 useDidMount-f1bcba79.js Show response
metrozone.newsroomlabs.com/assets/ 152 B
741 B 49ms
47ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/useDidMount-f1bcba79.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

09a10a9277eae5dbe0db5673b82b7d4b91b3d5aa275f1f50c4c8650bff27dc96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: xQMfLSm1KYVTrFrUVzex2fvZZpxhqz03
date: Fri, 22 Dec 2023 17:42:52 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 152
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: "4f72fc750be4a68cd79cea59ebeeddcc"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: dS_ppjVHf9uinMgqx7T9DR4SYbKi9kp75XGwOQ_CDtF5SP-aYzp8CQ==

GET
H2 200 usePageInit-61054177.js Show response
metrozone.newsroomlabs.com/assets/ 10 KB
5 KB 50ms
48ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/usePageInit-61054177.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de67edc9f6801c8d86791ea10b6b04aee53063fb5a4c922b4233a4bf993937b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Kuc446BA9d7..c88mnQ42E31pX.5uHrv
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"40186be189f4040c425ffefb42b311c5"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: TPA74vHnJGwYO1LmjJ0PVDXlCxO0gadkVQogGIM_7wkfGOhCPyYegA==

GET
H2 200 dns.service-d0cf32e9.js Show response
metrozone.newsroomlabs.com/assets/ 1 KB
1 KB 84ms
82ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/dns.service-d0cf32e9.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d95ebd30d818dc4740709510c663de4494c3bd5e6afa1a0c1a4abfc34d46ae0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: agHUId01q.rZYcRs_.usZh7_ueywYTNw
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: W/"9d3004aabe19c2f24e9ea4100e4b46df"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: Hod-J8qMsxOfh6HMAk3P3Vu7aDuC5bMm-DSYA1LGeBZjKSQxVYyALQ==

GET
H2 200 usePageInit-7f3c9de4.css
metrozone.newsroomlabs.com/assets/ 2 KB
2 KB 43ms
41ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/usePageInit-7f3c9de4.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f3c9de480637ef61b17c607a53383cd2a7adc0597173a4f9719ebd1b0aa1cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: eGbwQNl2jsIk3_CHYV0GrpeD0hbpdCNz
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"e08800e2b568e3e415a2dc7cd505c8d1"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: cB_9V0IPLGPkZtaxQ8gKOuJxZqWzgutPLN9DKPg_1jjK8HjInwNxvA==

GET
H2 200 Clickable-deb1aa43.js Show response
metrozone.newsroomlabs.com/assets/ 11 KB
5 KB 84ms
83ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/Clickable-deb1aa43.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0174cc01f3e5fe09dbefeabc8da0911fad5086619bd9e7affca0fcb6a4caeb29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 7ir8JOE5yxVDrNRIBdDVHSdW.B.PEYXx
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:19 GMT
server: AmazonS3
etag: W/"79cb17622343620adfa928465a36ba6d"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: uZsxHF5qphTktPXSy_qbR-7lLVF3WYFjCr5k1qle_yDPYWeQXuTz2g==

GET
H2 200 Clickable-78d887f9.css
metrozone.newsroomlabs.com/assets/ 263 B
840 B 43ms
42ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/Clickable-78d887f9.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78d887f974336f7900bd5eab99aa07eab4776357493b33a252c450ad92975b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Bbb94esH17GPMJ_2qjVcS7paKktw3ciL
date: Fri, 22 Dec 2023 17:42:52 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28543
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 263
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:19 GMT
server: AmazonS3
etag: "6400054d06192d2e3bc9e3157eb59f23"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: YT2vF7aHuAysbjv-9SPw4VyyZUgl3uCiJSveqqqXXAbVYhk30tvgqQ==

GET
H2 200 cardsService-4f6599a3.js Show response
metrozone.newsroomlabs.com/assets/ 102 KB
28 KB 85ms
84ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/cardsService-4f6599a3.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

af095a0ff5a2f36564eae7977a7f69ac28164dbbb497a32e96a15da997ead3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: D79a87SDXWKsxwplBp757LMVMHkRgWSa
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: W/"3fff8fe646e7bd5afa0fe1b0bf539c8b"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: p_ZIJLZMebchA-ESso1uLt85Ioy-ZbXlI4ASHHTp6U3HNJpb0m3t1w==

GET
H2 200 cardsService-c4ffba6d.css
metrozone.newsroomlabs.com/assets/ 5 KB
2 KB 44ms
43ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/cardsService-c4ffba6d.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c4ffba6da17e0654b107030682d09fd08c27bdb875f446870e3e3a2df1ef9dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 6hIrsdgv5hjSfnlbYB9yJ5PAsvZ8R0Ke
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: W/"1a585875e488d7ea1d7bb2379b72f9cc"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: mG4orffGSIQbydaAFX_sdOSMAd2LVWu4VBneD5VbBl6XX3e-loH4zA==

GET
H2 200 GeneralArticleFeed-316e06cb.css
metrozone.newsroomlabs.com/assets/ 15 KB
3 KB 44ms
43ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/GeneralArticleFeed-316e06cb.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

316e06cbd89cfc40a70b1d2589e40e6c5c4178a081c47f107ed183ba6830a45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: GiRL73iq3Sf2vL.ClYid.pmOhT_hiKXa
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:43:42 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:19 GMT
server: AmazonS3
etag: W/"e7e402cb7e0286f0a6417132a89ff06a"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: uU-VX4IwP2nKI5fr90ubrjy5cAgvwyJzSfvqd2y_X5rICfWIvHcZdQ==

GET
H2 200 OutOfPageBanner-de0541ad.js Show response
metrozone.newsroomlabs.com/assets/ 607 B
1 KB 86ms
85ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/OutOfPageBanner-de0541ad.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

48c6706bc55163e7f5b8530531fd4dac8d823d21faf35adad04411cc40293de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: KJ8Bw0phf1S.U1KGBKSjZQw6lGThjzTg
date: Fri, 22 Dec 2023 18:34:14 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 25461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 607
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: "f6f71ec827d4b966eb76114fe163efe4"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: zjGUsmM6YMKU2YHRn93imj27yD8oCmsSCqwhhSfMunf4ZrFT7xy6Vg==

GET
H2 200 OutOfPageBanner-669b5c19.css
metrozone.newsroomlabs.com/assets/ 101 B
678 B 45ms
44ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/OutOfPageBanner-669b5c19.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

669b5c194e7ef49392ed930f8df70a89a06314216918df2381e585ad778aa979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: vwb0x2Mx7CpiVnexYca_Ns55gaX5B7iW
date: Fri, 22 Dec 2023 17:40:07 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28708
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 101
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: "419687244f3a2df4336b89110948b772"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: AehHi5NYBo4fVyIGMf01I_VOhW3bDXyR4yuQTQEN1jBsB4pei4tN9w==

GET
H2 200 useEventListeners-aa05247f.js Show response
metrozone.newsroomlabs.com/assets/ 5 KB
2 KB 86ms
86ms Script
application/javascript 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/useEventListeners-aa05247f.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9c7a43df078af690f3e6d271d09a1b9d4e9ea1a50ebed762c235f073daac47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 8L5rzn3HobOCqChj6KUG1tFHXVsW1CKS
content-encoding: br
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:46:01 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28353
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"38186b6b0f76ef06cac6ec36b078d711"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: etrJCoTTuKyZIRcPwx_hX7k2nUtdUnnDtX3vtjluf0AAcp_vSONT3Q==

GET
H2 200 portal-fdb4c07f.css
metrozone.newsroomlabs.com/assets/ 2 KB
1 KB 46ms
45ms Stylesheet
text/css 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/portal-fdb4c07f.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-7c388226.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdb4c07f55ff9e8be7c1dd23ef361d129a0a24a47a312c8e006cbc7a0b1ec4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: WoP88M7lW_PiPl2c0ty0fBP90DlYymjQ
content-encoding: gzip
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 17:45:57 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28358
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: W/"f69d2ed97a4aff5972d4dde3f566d49c"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: SywkwfU2x8a11LS6AWfIRAtPWRbbMn55P7lcvK6MqODyumtkISFbvw==

GET
H2 200 x-button-fd7d4b68.svg
metrozone.newsroomlabs.com/assets/ 200 B
782 B 87ms
87ms Image
image/svg+xml 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrozone.newsroomlabs.com/assets/x-button-fd7d4b68.svg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-361a481b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e07a70eac30fe0f3576e82610fbb17a8341d8e24c8fcf7bf9deac39228dbf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: osn3p95bG7nuv.4ws6slh9DuQB8cpGeE
date: Fri, 22 Dec 2023 02:04:05 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 84870
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 200
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:21 GMT
server: AmazonS3
etag: "2e0c8dbc37edab2f1d6b43f672925f34"
vary: Accept-Encoding
content-type: image/svg+xml
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: Q8rSJ-ft29JqIne5QBShYIok2UCiYfUEb0wOuqTxBcDippNUTgUkVQ==

GET
H2 200 gotha_pro_med-3d6693cb.otf
metrozone.newsroomlabs.com/assets/ 46 KB
47 KB 80ms
80ms Font
binary/octet-stream 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/gotha_pro_med-3d6693cb.otf

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-361a481b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: CU2A5ziSiMpmOPFQa3KJsvoJ87Y50z3D
date: Fri, 22 Dec 2023 17:44:00 GMT
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA56-P3
age: 28475
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 47044
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 Nov 2023 13:52:20 GMT
server: AmazonS3
etag: "dd3d9ca53a246950706e94726bb1403e"
vary: Accept-Encoding
content-type: binary/octet-stream
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: prrjTy0Qq8u-SgqMVFP-O7sWZLN1OIlslZ3KRmV0sLNaOMiqN9uFdQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 128ms
41ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
date: Fri, 22 Dec 2023 06:03:45 GMT
x-amz-cf-pop: FRA56-P6
age: 85701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 7KZpd1Jz68bz3R8jbr-7oe0GHFmJk7_6DeuNgeae6W_mapiynk0fTQ==

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 166ms
45ms Script
text/javascript 2600:9000:2057:ce00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ce00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:06:17 GMT
content-encoding: gzip
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 23537
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: a5mrAQVhHu8RQv9N132pZlazt9QrbpWN0MnnocEhiV5BapyZtJN1bQ==
expires: Sat, 23 Dec 2023 07:06:17 GMT

GET
H2 200 portal Show response
metrozone.newsroomlabs.com/api/spa/configs/ 9 KB
4 KB 210ms
200ms XHR
application/json 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/api/spa/configs/portal?auid=c3d74b6a-e9d0-4560-b67e-0bbac856e20a&abt=795&lang=en

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

85453cf9d8ca2c9fe6265e1c448480dabc04f2d22841b03a179a7b0328686830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
critical-ch: Sec-CH-Prefers-Color-Scheme
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
accept-ch: Sec-CH-Prefers-Color-Scheme
cross-origin-opener-policy: same-origin
etag: W/"23c0-4tvf7SykkUsJg5geM+WN29UKanw"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-aura-correlation-id: 40dd9cef-a43c-4a0f-8b16-d21d1628bf73
cache-control: public, max-age=1800
x-amz-cf-id: SAb4JnPkXgv-vTSRpQiRXlImReOWWCaLQDYh1k6rhPeSSaClYRrNcA==

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 493ms
221ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=24258127921052291901701587115051132861305528117405158720521154961852&nc=0&tsf=0&tsfmi=&pv=0&cb=1703295514477&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=15316576&at=&bid=e30%3D&di=W1siZWYiLDI4MzRdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjE5MDIx%0D%0ANDk4OTEsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjUsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9W%0D%0AZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1%0D%0AU0FQSi9HdCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwi%0D%0Ae1wib1wiOjB9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFd%0D%0AIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwx%0D%0ANjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEs%0D%0AIjNWdzZyZGZLIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxbLTI0LCJbXSJdLFst%0D%0AMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTkzMDAwMDAsXCJ1amhzXCI6MTYxMDAwMDAsXCJqaHNs%0D%0AXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVT%0D%0ALGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiww%0D%0AXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0s%0D%0AWy0zNCwiLSJdLFstMzUsIlsxNzAzMjk1NTE0NDY3LC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8z%0D%0AXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwxNDYsMCwyMywwLDAsODMs%0D%0ANDIsMTMsMCw3MjkuMiw3MjkuMiw5MjksOTI5Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vj%0D%0Aa29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxs%0D%0ALDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAw%0D%0AMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIw%0D%0AIl0sWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxb%0D%0ALTQ5LCItIl0sWyJibmNoIiwzMV1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A1125%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=arQuAwZ6in&sdd=%7B%7D&pto=940
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 5e30b5cf1e7498409774b02b0e87a7dec73a40fd376d506f84513d6aa2b4c1f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sat, 23 Dec 2023 01:38:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1649
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 portal Show response
metrozone.newsroomlabs.com/api/spa/ 29 KB
9 KB 343ms
342ms XHR
application/json 2600:9000:223d:2800:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/api/spa/portal?market=en-us&topics=politics,trending,latest,local,breaking,entertainment,world,finance,technology,science,sports,health,culture,lifestyle,music,autos,gaming,travel,environment,business,food_dining,parenting,pets,fitness,gardening,architecture,beauty,fun&entryPoint=portal&useOnlineRanking=false&webEnableHeadlines=true&rp=eyJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIn0=&rankingVersion=v1

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:2800:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

930d13371c0e5c6ffd524a632026de79ac407bdb6a4bee21b7a8dd12625918ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
via: 1.1 29f7132906866b79866659848b3a3b68.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"7357-1LhGJ5wmhTN8AJb87l4XDw64SiA"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-aura-correlation-id: 9e0752ad-3ed3-4721-868d-b725e6df2f75
cache-control: public, max-age=900
x-amz-cf-id: d9vczNzxEPxKy5dH0q5QJXswZhfKBNvs_umdnReTJCxbzzBioR7JDA==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 514ms
115ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1703295514773&sessionId=9f649e66-4f88-481c-023f-3ef034a4e3ac&url=metrozone.newsroomlabs.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 62f209086710827f9da23d2ebf96f4f5
Content-Length: 4
Expires: 0

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 457ms
363ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJwb3J0YWwgb3B0IGluIG5vdGlmaWNhdGlvbiBzdGF0dXMiLCJldmVudF9pZCI6ImI4ZDNlNTdmLTMwMTAtNDQ3Zi1hOTRhLWU0ZDYxMTA0NmZmNiIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5NDksInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45NTA5NTAiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsInNlc3Npb25fZHVyYXRpb24iOjAsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiZXZlbnRfbGFiZWwiOiJ1bnNlbGVjdGVkIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: YOGIAE0HCOZraPytT-nQGoBPeTUcqumwSD1bYkykc4ILuhieZRSUYQ==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 225ms
132ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJmb3IgeW91IHNjcmVlbiBzaG93biIsImV2ZW50X2lkIjoiYzdmNzcxYjItMDMwNC00NWU5LTk3N2QtNGFlMGIzMmQ3MTViIiwiZXZlbnRfY291bnRlciI6MTcwMzI5NTUxNDk1MSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyMy0xMi0yMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDIzLTEyLTIzIDAyOjM4OjM0Ljk1MTk1MSIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjIiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDIwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6IjQ1MGZiNjRmLTFiOGUtNDM5ZS05YWU5LTEwNWY4ZTA5OTFlYyIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6IjU4MzBkYzM5LWYwZWEtNDEyYS1hOTdkLWJlY2UwNmY4NTRjZiIsInN0cmF0ZWd5X2lkIjoibm9uZSIsInJlcXVlc3RfdGltZXN0YW1wIjoiMTcwMzI5NTUxNDY2OCIsIm5vbl9wZXJzb25hbGl6ZWRfZmlyc3RfaW5kZXgiOiJub25lIiwicmFua2luZ190eXBlIjoibm9uZSIsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6ImMzZDc0YjZhLWU5ZDAtNDU2MC1iNjdlLTBiYmFjODU2ZTIwYSIsInVzZXJfYWJfdGVzdF9pZCI6Ijc5NSIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIyLjI1LjMifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: Tf18YOI51eTvKRPeRdEOk9TDz8v_4Ulb-6V70bl5bfMU64ykV1hTgw==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 220ms
136ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJwb3J0YWwgLSBzZXNzaW9uIHN0YXJ0IiwiZXZlbnRfaWQiOiI0OTg0MmM2MS1lNDAyLTRiZGEtOTFlNy1mNjYwNjkwOGE3YTAiLCJldmVudF9jb3VudGVyIjoxNzAzMjk1NTE0OTYxLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJlbmdhZ2VkX2luX2FwcF9ldmVudF9mbGFnIjowLCJpbl9hcHBfZXZlbnRfZmxhZyI6MCwiY2xpZW50X2RhdGUiOiIyMDIzLTEyLTIzIiwiY2xpZW50X3RpbWVzdGFtcCI6IjIwMjMtMTItMjMgMDI6Mzg6MzQuOTYxOTYxIiwic2NyZWVuX25hbWUiOiJmb3IgeW91IiwiZXZlbnRfY2F0ZWdvcnkiOiJwb3J0YWwgcHJvZHVjdCBmdW5uZWwiLCJmcm9udGVuZF92ZXJzaW9uX25hbWUiOiIxLjEuMiIsInJlcG9ydF90eXBlIjoid2ViIC0gY3NyIiwiZnJvbnRlbmRfdmVyc2lvbl9jb2RlIjoxMDEwMjAsImVudHJ5X3BvaW50IjoicG9ydGFsIiwic2Vzc2lvbl9jb3VudGVyIjoxLCJzZXNzaW9uX2lkIjoiNDUwZmI2NGYtMWI4ZS00MzllLTlhZTktMTA1ZjhlMDk5MWVjIiwidGFiX25hbWUiOiJ0cmVuZGluZyIsImVudHJ5X3BvaW50X21vZGVsX2lkIjoiMzMiLCJtb2RlbF9pZCI6IjMzIiwiaXRlcmF0aW9uX2lkIjoiNTgzMGRjMzktZjBlYS00MTJhLWE5N2QtYmVjZTA2Zjg1NGNmIiwic3RyYXRlZ3lfaWQiOiJub25lIiwicmVxdWVzdF90aW1lc3RhbXAiOiIxNzAzMjk1NTE0NjY4Iiwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOiJub25lIiwiZmFsbGJhY2tfbW9kZWxfaWQiOiJub25lIiwidHJhaW5pbmdfcnVuX2lkIjoibm9uZSIsImVuZ2FnZWRfZXZlbnRfc2Vzc2lvbl9kdXJhdGlvbiI6MCwic2Vzc2lvbl9kdXJhdGlvbiI6MCwiYXVyYV91c2VyX2lkIjoiYzNkNzRiNmEtZTlkMC00NTYwLWI2N2UtMGJiYWM4NTZlMjBhIiwidXNlcl9hYl90ZXN0X2lkIjoiNzk1IiwiYnJhbmQiOiJ0LW1vYmlsZSIsImN1c3RvbWVyIjoibWV0cm8iLCJsb2NhbGUiOiJlbi1VUyIsImRldmljZV9sYW5ndWFnZSI6ImVuIiwiZXhwZXJpZW5jZSI6InBvcnRhbCIsIm9wZXJhdGluZ19zeXN0ZW0iOiJXaW5kb3dzIiwib3BlcmF0aW5nX3N5c3RlbV92ZXJzaW9uIjoiMTAiLCJiYWNrZW5kX3ZlcnNpb25fbmFtZSI6IjIuMjUuMyIsImVudHJ5X2ZpbmlzaF9ldmVudF9mbGFnIjoic3RhcnQifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: uKMF67m3cslgiTG-F7JewDBV1JYW8P9oyvZuDclTIrXmgRAIZ8HVig==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 155ms
39ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:27:07 GMT
content-encoding: gzip
age: 1408288
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:27:07 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 202ms
88ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Dec 2023 01:38:35 GMT

GET
H2 200 platforms Show response
mv.outbrain.com/Multivac/api/ 23 KB
8 KB 450ms
339ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/platforms?contentUrl=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&idx=0&rand=24430&app_ver=2.25.3&widgetJSId=MB_12&va=true&et=true&format=html&psub=www.metropcs.mobi&app_id=com.metropcs.metrozone&clid=9f649e66-4f88-481c-023f-3ef034a4e3ac&fdu=metrozone.newsroomlabs.com&extid=w%3DPT_MID%2Cac%3Dmetro%2Cdmo%3D%2Cep%3Dportal%2Ccv%3D%2Cabt%3D&extid2=cp%3D%2Ccps%3D%2Cmid%3D33%2Cla%3Den%2Clo%3Den-us%2Cfvn%3D1.1.2&px=12&py=647&vpd=0&cw=1576&settings=true&recs=true&key=IRONS2K1OLEJM4GB4HGIQAFE9&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010564&sig=3Vw6rdfK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aed17e1da58c79eaf8c18410876b277f88c7ee900404b2b88c6f4b548a86c479

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1703295515.115319,VS0,VE300
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21977-LGA, cache-fra-eddf8230112-FRA
x-traceid: 97148d873eda3bda747ff3741dc09670
accept-ranges: bytes
content-length: 7860
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjRhNjgwNWFjNWZlMTJkZjk3Y2M5NjliNjg2N2FmMjQxYThlM2UzN2ZiZGRmYjU1YjQ2MTAwOGY1ODQ0ZTg1ZTAiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/ 10 KB
11 KB 143ms
46ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRhNjgwNWFjNWZlMTJkZjk3Y2M5NjliNjg2N2FmMjQxYThlM2UzN2ZiZGRmYjU1YjQ2MTAwOGY1ODQ0ZTg1ZTAiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aa20f07afa8a9a3c74ff34727e14bd9889511a0e665d2b9065db08a55a4766e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:16:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1334
x-cache: Hit from cloudfront
content-length: 10727
x-request-id: 8474c95424a1c192e83e956efa4a4f1d
last-modified: Sat, 23 Dec 2023 00:33:39 GMT
server: Cloudinary
etag: "6545fa9678390fdfd687261fb6fbfa3d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WQC0OQ3Yc8eio0h7WbVnh9wlciuLv4DJWj-hRzPu0YvFFVTorgPF4g==

GET
H2 200 eyJpdSI6IjFkNGNhMGY5ODgzMTQ3YTRiZmU1ZWM0YWU5YWViOGNiZjMwOGYxMzNiM2E2YTM3NTI3ZjAyZWIwNWY2MWYwYmUiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/ 8 KB
8 KB 178ms
81ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFkNGNhMGY5ODgzMTQ3YTRiZmU1ZWM0YWU5YWViOGNiZjMwOGYxMzNiM2E2YTM3NTI3ZjAyZWIwNWY2MWYwYmUiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ffef17f27ebd18f2fb0b1c6d2c1dfc0df2a990ede6bbab33706d6bd170be7e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:14:56 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 1419
x-cache: Hit from cloudfront
content-length: 7923
last-modified: Fri, 22 Dec 2023 23:37:28 GMT
server: Cloudinary
etag: "257cda8cec6ff21167506d80ea20721e"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3Jh2AOwtVHj82JJmgfpcT3LlT1pr8mIgGp4qF4BqAuLowqvsXFum2g==

GET
H2 200 Police-arrest-Charlie-Sheens-neighbor-after-actor-says-he-was-assaulted-at-Malibu-home.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://cdnph.upi.com/ph/st/th/1931703281147/2023/upi/7b682f6e6e7b3fc1c315f3fd7b2b07e9/v1.5/ 8 KB
8 KB 184ms
86ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://cdnph.upi.com/ph/st/th/1931703281147/2023/upi/7b682f6e6e7b3fc1c315f3fd7b2b07e9/v1.5/Police-arrest-Charlie-Sheens-neighbor-after-actor-says-he-was-assaulted-at-Malibu-home.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b260e038467c3ba9383e1593fc6a9bcce8e973490b9c694dcab7f02191174f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 23:20:55 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 8260
x-cache: Hit from cloudfront
content-length: 7757
last-modified: Fri, 22 Dec 2023 23:20:10 GMT
server: Cloudinary
etag: "7daeed9734a9323b55c39a5a094ba962"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GkT1C1k-3EhJ7RAPaMY8BzL5xFvvoKEZbuPHdrbuzxENSUnpexnZrQ==

GET
H2 200 eagles-reportedly-urged-jalen-hurts-outward-leader.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://www.yardbarker.com/media/3/1/31472c0521c137285a236c07d7344b9be48810dd/thumb_16x9/ 9 KB
9 KB 143ms
46ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://www.yardbarker.com/media/3/1/31472c0521c137285a236c07d7344b9be48810dd/thumb_16x9/eagles-reportedly-urged-jalen-hurts-outward-leader.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0a1c3312dd2f9782b63428edb373db715092a9290bac4a90f2376fabf4531871

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 22:51:55 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 10000
x-cache: Hit from cloudfront
content-length: 8717
x-request-id: f68d0811bf12f70c7d58e61d65c9264b
last-modified: Fri, 22 Dec 2023 22:48:33 GMT
server: Cloudinary
etag: "ccb7874ee908d5d5169cf6fc9276a7d0"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: d5NBn6Td88IG7YuQtiHZ0ndZ9zCJopqgMrP4sPwrGMAt1KtV17zUgA==

GET
H2 200 pete-davidson.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://deadline.com/wp-content/uploads/2023/10/ 7 KB
7 KB 145ms
48ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://deadline.com/wp-content/uploads/2023/10/pete-davidson.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

38a3987621a361b386a70929890218d85aca4e371b6ddb904f60699e8b4b3100

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 00:07:51 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 5444
x-cache: Hit from cloudfront
content-length: 6754
x-request-id: 71dfea892bfa3bef35511b4cbad0ccfa
last-modified: Sat, 23 Dec 2023 00:03:39 GMT
server: Cloudinary
etag: "48a3717e822cc6459c2abb3296216ad4"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FlyWf3h4yBu0BA-kJ0d2zugmO7MUucxcS4kBkOaVLg42UGu0k1Q1Og==

GET
H2 200 project-angel-foods-2018-angel-awards.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://parade.com/.image/c_fit%2Ch_800%2Cw_1200/MjAzMDkxNDE5ODMxNzM5NTc0/ 5 KB
6 KB 174ms
77ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://parade.com/.image/c_fit%2Ch_800%2Cw_1200/MjAzMDkxNDE5ODMxNzM5NTc0/project-angel-foods-2018-angel-awards.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b4e2a2e29a0236fd944476979944f38d4d59d8a892ef8e9b7ecb4c774e3471a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 17:26:15 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 29540
x-cache: Hit from cloudfront
content-length: 5335
x-request-id: da347e51308fddd9caefae1ec901d1ee
last-modified: Fri, 22 Dec 2023 17:18:10 GMT
server: Cloudinary
etag: "75127ca02f8d62db3097af756bf000fa"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Ca7k3hLkzj5HlcsaG0t_SExZSR7ZSEnpDNpyTaymT-eYz5nFl_1B8g==

GET
H2 200 KBN33B1C7
cloudinary-res-news.isappcloud.com/image/upload/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/aura-news/article_assets/ 9 KB
9 KB 51ms
50ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/upload/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/aura-news/article_assets/KBN33B1C7

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

001666ff0c86a5561ec86b1f16412743e2363cd7ee08f45ec091145d44a3414d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 00:43:31 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 3304
x-cache: Hit from cloudfront
content-length: 8740
x-request-id: 5b9526bec0091ae8e0660b446679d72f
last-modified: Sat, 23 Dec 2023 00:34:10 GMT
server: Cloudinary
etag: "d234cd03fc0294bec9957833bbf35ba9"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: N3XKjcbb9XgjS4QIs9dyqRobiW4OApZxCIrrbsvfAHW4APoaNK23JQ==

GET
H2 200 Jennifer-Garner-Today-Show-CAT2.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://publish.purewow.net/wp-content/uploads/sites/2/2023/11/ 5 KB
6 KB 47ms
47ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://publish.purewow.net/wp-content/uploads/sites/2/2023/11/Jennifer-Garner-Today-Show-CAT2.jpg?resize=720%2C550

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1b3df8e0165f50e485dcb44d10222bda9b1215213c49e8e07411657a63412475

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 13:42:37 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 42958
x-cache: Hit from cloudfront
content-length: 5335
x-request-id: 8de881af13ad50d5fe64b65978c1e8db
last-modified: Fri, 22 Dec 2023 13:33:38 GMT
server: Cloudinary
etag: "6c988d7f7a0c9caa5044119458b8b06b"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: uy0-gaThu_aCfAOxzMVn6O-XCFl3VNjYN1YiB3TpYA8mDUp7NDpAKg==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 192ms
143ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6ImU5MTQzZmNiLTM4ZGQtNDljNS05ZWJmLTRlOGM2MmVhOGZkNSIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5OTUsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45OTU5OTUiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTc2NjIsIml0ZW1faGVhZGVyIjoiRG9sbHkgUGFydG9uIG9wZW5zIHVwIGFib3V0IG5vdCBoYXZpbmcgY2hpbGRyZW4gd2l0aCBodXNiYW5kIENhcmwgRGVhbjogJ0l0IHdhc24ndCBvbmUgb2YgdGhvc2UgYnVybmluZyB0aGluZ3MnIiwiaXRlbV9uYW1lIjoiYXJ0aWNsZSIsIml0ZW1fdW5pdCI6InNtYWxsIiwidG9waWNfaWQiOiJsYXRlc3QiLCJjb250ZW50X3Byb3ZpZGVyIjoib3V0YnJhaW4iLCJjb250ZW50X3Byb3ZpZGVyX3NvdXJjZSI6ImhlbGxvX21hZ2F6aW5lIiwiaXRlbV9wdWJsaXNoZWRfZGF0ZSI6IjIwMjMtMTItMjNUMDA6MDA6MDAuMDAwWiIsIml0ZW1fdHlwZSI6InByZXZpZXciLCJpdGVtX2Zvcm1hdCI6InByZXZpZXciLCJjb250ZW50X2Nvc3RfbW9kZWwiOiJmaXhlZCIsInBvc2l0aW9uX2luX2ZlZWQiOjEsImNvbnRlbnRfZml4ZWRfY29zdF93aW5kb3ciOiJtb250aGx5IiwiaXRlbV91cmwiOiJodHRwczovL21ldHJvem9uZS5uZXdzcm9vbWxhYnMuY29tL2FydGljbGUtaW50cm8vMTcyOTc2NjIiLCJhcnRpY2xlX3JhbmsiOjEsImV2ZW50X3ZhbHVlIjoiRmVlZGJhY2sgTWVudTogZmFsc2UifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: _0aTJ3Am8YJV0aXSWwx39aBnKl45FS4e-SvBUPcBgagykKAMDtDQsg==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 223ms
174ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjIwMWE1NzNjLTA4OWYtNGZlMi04NDllLTFmYjAyZGI4Y2I3MyIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5OTYsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45OTY5OTYiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTY4MzUsIml0ZW1faGVhZGVyIjoiVHJ1bXAgY2hhbmdlcyB0dW5lIG9uIFZQIEthbWFsYSBIYXJyaXMsIG5vdyBzYXlzIHNoZXMgYmV0dGVyIHRoYW4gQmlkZW4gZGVzcGl0ZSBoZXIgYmFkIG1vbWVudHMiLCJpdGVtX25hbWUiOiJhcnRpY2xlIiwiaXRlbV91bml0Ijoic21hbGwiLCJ0b3BpY19pZCI6ImxhdGVzdCIsImNvbnRlbnRfcHJvdmlkZXIiOiJvdXRicmFpbiIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoibnlfcG9zdCIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDIzLTEyLTIyVDE2OjAzOjAwLjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwiY29udGVudF9jb3N0X21vZGVsIjoiZml4ZWQiLCJwb3NpdGlvbl9pbl9mZWVkIjoyLCJjb250ZW50X2ZpeGVkX2Nvc3Rfd2luZG93IjoibW9udGhseSIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3Mjk2ODM1IiwiYXJ0aWNsZV9yYW5rIjoyLCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: NOGZz4OTu_A_Pmf9R_MQXUG4bvXHmqYaCLDGZAcnuit6G9tSmZV86w==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 400ms
352ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjcxNWM4YTg1LWFhNzctNDI0Mi1hMzM5LWRlNGVlM2I1YTdjNCIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5OTcsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45OTc5OTciLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTY1MTksIml0ZW1faGVhZGVyIjoiUG9saWNlIGFycmVzdCBDaGFybGllIFNoZWVuJ3MgbmVpZ2hib3IgYWZ0ZXIgYWN0b3Igc2F5cyBoZSB3YXMgYXNzYXVsdGVkIGF0IE1hbGlidSBob21lIiwiaXRlbV9uYW1lIjoiYXJ0aWNsZSIsIml0ZW1fdW5pdCI6InNtYWxsIiwidG9waWNfaWQiOiJicmVha2luZyIsImNvbnRlbnRfcHJvdmlkZXIiOiJ1cGkiLCJjb250ZW50X3Byb3ZpZGVyX3NvdXJjZSI6InVwaSIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDIzLTEyLTIyVDIyOjM5OjAwLjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwiY29udGVudF9jb3N0X21vZGVsIjoiZml4ZWQiLCJwb3NpdGlvbl9pbl9mZWVkIjo0LCJjb250ZW50X2ZpeGVkX2Nvc3Rfd2luZG93Ijoibm9uZSIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3Mjk2NTE5IiwiYXJ0aWNsZV9yYW5rIjozLCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: nm6MNeMHExauwj5InokYjI9ZMqDaoAjqc8NaRbo61gU6JRG0tBU33Q==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 385ms
338ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6ImY5NWM2ZTVjLTJiNDAtNGZjMC05YTRlLWI2Y2M1NmE2OTU2NiIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5OTgsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45OTg5OTgiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTYyMDQsIml0ZW1faGVhZGVyIjoiRWFnbGVzIHJlcG9ydGVkbHkgdXJnZWQgUUIgSmFsZW4gSHVydHMgdG8gYmUgYSBtb3JlICdvdXR3YXJkJyBsZWFkZXIgaW4gdGhlIGxvY2tlciByb29tIiwiaXRlbV9uYW1lIjoiYXJ0aWNsZSIsIml0ZW1fdW5pdCI6InNtYWxsIiwidG9waWNfaWQiOiJzcG9ydHMiLCJjb250ZW50X3Byb3ZpZGVyIjoieWFyZGJhcmtlciIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoieWFyZGJhcmtlciIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDIzLTEyLTIyVDIyOjI2OjAwLjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwiY29udGVudF9jb3N0X21vZGVsIjoiZml4ZWQiLCJwb3NpdGlvbl9pbl9mZWVkIjo1LCJjb250ZW50X2ZpeGVkX2Nvc3Rfd2luZG93IjoibW9udGhseSIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3Mjk2MjA0IiwiYXJ0aWNsZV9yYW5rIjo0LCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: t_05Oxqs6McaNMwwGb-nr6H0Fa1l94UKbmGYzQcjAHHYNOHSiUSf6Q==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 405ms
359ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjFmZTUyYzJkLTZkMzUtNDU2OC1hNTY5LWRmMGFkYWY0YmUyOCIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5OTgsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45OTg5OTgiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTcyMTksIml0ZW1faGVhZGVyIjoiUGV0ZSBEYXZpZHNvbiBDYW5jZWxzIFNldmVyYWwgU2hvd3MsIENpdGluZyBVbmZvcmVzZWVuIENpcmN1bXN0YW5jZXMiLCJpdGVtX25hbWUiOiJhcnRpY2xlIiwiaXRlbV91bml0Ijoic21hbGwiLCJ0b3BpY19pZCI6ImVudGVydGFpbm1lbnQiLCJjb250ZW50X3Byb3ZpZGVyIjoicG1jIiwiY29udGVudF9wcm92aWRlcl9zb3VyY2UiOiJkZWFkbGluZSIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDIzLTEyLTIyVDIzOjM2OjQ5LjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwiY29udGVudF9jb3N0X21vZGVsIjoiZml4ZWQiLCJwb3NpdGlvbl9pbl9mZWVkIjo2LCJjb250ZW50X2ZpeGVkX2Nvc3Rfd2luZG93IjoibW9udGhseSIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3Mjk3MjE5IiwiYXJ0aWNsZV9yYW5rIjo1LCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: mMl8rjvJY-M1cY1QypEzXNzVx7u2_wreIFEjXgX0p1qv2oa-UTg41A==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
334 B 412ms
366ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjYxM2JiZDcwLWQzMWEtNDQ2Ni1iOTg0LTc0YWY3NzYwOWY3ZSIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTQ5OTksInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNC45OTk5OTkiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTA4NjIsIml0ZW1faGVhZGVyIjoiQ2hhcmxpZSBTaGVlbiBSZXBvcnRlZGx5IEF0dGFja2VkIGluIEhpcyBIb21lIGJ5IEhpcyBOZWlnaGJvciIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoibGlmZXN0eWxlIiwiY29udGVudF9wcm92aWRlciI6InRoZWFyZW5hZ3JvdXAiLCJjb250ZW50X3Byb3ZpZGVyX3NvdXJjZSI6InBhcmFkZV9jb20iLCJpdGVtX3B1Ymxpc2hlZF9kYXRlIjoiMjAyMy0xMi0yMlQxNjo0MToyOS4wMDBaIiwiaXRlbV90eXBlIjoicHJldmlldyIsIml0ZW1fZm9ybWF0IjoicHJldmlldyIsImNvbnRlbnRfY29zdF9tb2RlbCI6ImZpeGVkIiwicG9zaXRpb25faW5fZmVlZCI6OCwiY29udGVudF9maXhlZF9jb3N0X3dpbmRvdyI6Im1vbnRobHkiLCJpdGVtX3VybCI6Imh0dHBzOi8vbWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vYXJ0aWNsZS1pbnRyby8xNzI5MDg2MiIsImFydGljbGVfcmFuayI6NiwiZXZlbnRfdmFsdWUiOiJGZWVkYmFjayBNZW51OiBmYWxzZSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: I6TSDZZQmVwTw1DZDiOm3VTSJRMUE_Y3IBwX_XH2VBIIVGwFfvmOCg==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 405ms
360ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjliZGE1ZTI1LTBjMjEtNDk4OC04OTdkLTgxMzBlODZkNjc0MyIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTUwMDAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNS4wMDAwMDAiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjoxLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTc3MDEsIml0ZW1faGVhZGVyIjoiV2lzY29uc2luIFN1cHJlbWUgQ291cnQgb3ZlcnR1cm5zIFJlcHVibGljYW4tZHJhd24gbGVnaXNsYXRpdmUgbWFwcyIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoicG9saXRpY3MiLCJjb250ZW50X3Byb3ZpZGVyIjoicmV1dGVycyIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoicmV1dGVycyIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDIzLTEyLTIyVDIzOjQ4OjQ5LjAwMFoiLCJpdGVtX3R5cGUiOiJmdWxseSIsIml0ZW1fZm9ybWF0IjoiaG9zdGVkIiwiY29udGVudF9jb3N0X21vZGVsIjoiZml4ZWQiLCJwb3NpdGlvbl9pbl9mZWVkIjo5LCJjb250ZW50X2ZpeGVkX2Nvc3Rfd2luZG93IjoibW9udGhseSIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWNvbnRlbnQvMTcyOTc3MDEiLCJhcnRpY2xlX3JhbmsiOjcsImV2ZW50X3ZhbHVlIjoiRmVlZGJhY2sgTWVudTogZmFsc2UifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: AHggUpznv8tSivYTV9t7-AAXMwaakOwgjcKA2dYeYqtUkgbM5ZKQhQ==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 226ms
181ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjFhZTg5OWFjLWJkNTUtNGE1ZC1hZGRjLTM5NGUwYWU0ZmJkNyIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTUwMDAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNS4wMDAwMDAiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjoxLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyODc2NjcsIml0ZW1faGVhZGVyIjoiSmVubmlmZXIgR2FybmVyIExvc2VzIGl0IG9uIENhbWVyYSBXaGVuIFNoZSBSZWFsaXplcyBXaGF0cyBCZWVuIEhpZGluZyBpbiB0aGUgQm90dG9tIG9mIEhlciBCYWNrcGFjayIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoibGlmZXN0eWxlIiwiY29udGVudF9wcm92aWRlciI6ImdhbGxlcnltZWRpYWdyb3VwIiwiY29udGVudF9wcm92aWRlcl9zb3VyY2UiOiJwdXJlX3dvdyIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDIzLTEyLTIyVDEzOjAwOjAwLjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwiY29udGVudF9jb3N0X21vZGVsIjoiZml4ZWQiLCJwb3NpdGlvbl9pbl9mZWVkIjoxMCwiY29udGVudF9maXhlZF9jb3N0X3dpbmRvdyI6Im1vbnRobHkiLCJpdGVtX3VybCI6Imh0dHBzOi8vbWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vYXJ0aWNsZS1pbnRyby8xNzI4NzY2NyIsImFydGljbGVfcmFuayI6OCwiZXZlbnRfdmFsdWUiOiJGZWVkYmFjayBNZW51OiBmYWxzZSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: QFC176YPivY7-mwYG7kblyaijH1OZQRODvDAIDO5hLajCK1Um8FG8g==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 402ms
358ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6ImIxZWE2MTRjLTdhOTUtNGMxMS04ZmI4LTMyOTU5Y2Y4MjhmNiIsImV2ZW50X2NvdW50ZXIiOjE3MDMyOTU1MTUwMDEsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjMtMTItMjMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyMy0xMi0yMyAwMjozODozNS4wMDEwMDEiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS4yIiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTAyMCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiI0NTBmYjY0Zi0xYjhlLTQzOWUtOWFlOS0xMDVmOGUwOTkxZWMiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiI1ODMwZGMzOS1mMGVhLTQxMmEtYTk3ZC1iZWNlMDZmODU0Y2YiLCJzdHJhdGVneV9pZCI6Im5vbmUiLCJyZXF1ZXN0X3RpbWVzdGFtcCI6IjE3MDMyOTU1MTQ2NjgiLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6Im5vbmUiLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjoxLCJhdXJhX3VzZXJfaWQiOiJjM2Q3NGI2YS1lOWQwLTQ1NjAtYjY3ZS0wYmJhYzg1NmUyMGEiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI3OTUiLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMi4yNS4zIiwiaXRlbV9pZCI6MTcyOTExMTEsIml0ZW1faGVhZGVyIjoiRm9ybWVyIE5GTCBwbGF5ZXIgTWlrZSBXaWxsaWFtcyBkaWVkIG9mIGRlbnRhbC1yZWxhdGVkIHNlcHNpcywgbWVkaWNhbCBleGFtaW5lciBzYXlzIiwiaXRlbV9uYW1lIjoiYXJ0aWNsZSIsIml0ZW1fdW5pdCI6InNtYWxsIiwidG9waWNfaWQiOiJsYXRlc3QiLCJjb250ZW50X3Byb3ZpZGVyIjoiYXAiLCJjb250ZW50X3Byb3ZpZGVyX3NvdXJjZSI6ImFwIiwiaXRlbV9wdWJsaXNoZWRfZGF0ZSI6IjIwMjMtMTItMjJUMTY6NDk6NTIuMDAwWiIsIml0ZW1fdHlwZSI6ImZ1bGx5IiwiaXRlbV9mb3JtYXQiOiJob3N0ZWQiLCJjb250ZW50X2Nvc3RfbW9kZWwiOiJmaXhlZCIsInBvc2l0aW9uX2luX2ZlZWQiOjEyLCJjb250ZW50X2ZpeGVkX2Nvc3Rfd2luZG93IjoibW9udGhseSIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWNvbnRlbnQvMTcyOTExMTEiLCJhcnRpY2xlX3JhbmsiOjksImV2ZW50X3ZhbHVlIjoiRmVlZGJhY2sgTWVudTogZmFsc2UifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: rGAKVdYhuYOAcuIy2YozEViCXvtlfD7fwwBVqYTZuxaAVrV-knNbag==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 398ms
117ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1703295515006&sessionId=9f649e66-4f88-481c-023f-3ef034a4e3ac&url=metrozone.newsroomlabs.com&cheqSource=1&cheqEvent=2&responseTime=734
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e22fd062697815fa5e1704977530b47c
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
102 B 119ms
119ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00126aedc53cef428b999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714593d60635f578aee5d5eb474fbd408dbd39e821da61c45085052aae2d05f91e46042ccf5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82e1808f77f69a8991d7aefd8f264ec57a917f0dd07c74cccd17cc22a2984db7299779ac0eda289bbe14b2ef579bee9af295036e8823197bc13ba451555d40f5ed4d3d99281b2c527df21d6deedc85ec54d5814aa5f0ddb97c2142487bc28f807b0954dcc2df42e461c019961e50adcc4aa7bea843fc646a7c19ccc7780191c2df2590243735173cbab2fb842c1dd9729a8916bfe903d9683e4f130cffea759613ed0ba1004cbb00a4b0ff8acba65b828d8b64ee58b33bb7ca0308950c809d6aa3bdb0724ecad8e653d397c002902400aace18d70cf04b741525e2afeb453c29e180ee2a5debabc6cc2f1f9fd86f8aff257523dfb4786b045738243651bd07f40706cf67ba76a04c3ebc1608a7cca248bab2fcca410987b0f22221e61129cc0e0dd2066549a184192cfc4bab0ca5605f3acaf2e84c5610fadc00e2e3beb9bd84a33f27697559b06f17cce509d9d518be577bcdfd18ccf5568aba27e369e64e5cda2a116d1&cb=1703295515006&cri=arQuAwZ6in
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sat, 23 Dec 2023 01:38:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1

85 B
195 B

150ms
150ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7be2199884f7031cf6255db88efae889380a76154de982a416df10e64b28d8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-WGD3Xg33A0gTRcz++w8UXHC0jBo"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://metrozone.newsroomlabs.com
location: /esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 509E 14 KB
6 KB 142ms
51ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=metrozone.newsroomlabs.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 01:38:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 387588
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
205 B 152ms
61ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.4.0&cb=55381666092&lsavail=1

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://metrozone.newsroomlabs.com
date: Sat, 23 Dec 2023 01:38:34 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 162ms
55ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://metrozone.newsroomlabs.com
date: Sat, 23 Dec 2023 01:38:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
256 B 148ms
48ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b5b4f43f8b878586ff236d865533a3d395b31d9bdbe7b0fdf7e95784cccae75b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
968 B 225ms
116ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24922&site_id=451424&zone_id=2632130&size_id=15&alt_size_ids=19%2C44&us_privacy=1YNN&rf=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&tg_i.domain=metrozone.newsroomlabs.com&tg_i.page=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&tg_i.pbadslot=%2F21815112799%2Fmetro%2Fismetrozone%2Fmobilewebview%2Fdisplay%2Fwrtop&tk_flint=pbjs_lite_v8.4.0&l_pb_bid_id=1034cc06696d8a5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F21815112799%2Fmetro%2Fismetrozone%2Fmobilewebview%2Fdisplay%2Fwrtop&slots=1&rand=0.722227965235483
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bc4cb8a5000fbfe40bf1147f0f2a553e223938981f829127f034c381a6516812

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:35 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://metrozone.newsroomlabs.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
556 B 183ms
116ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=903830
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbba4434f3c12b7092e14d8534d4ed33cf226c09dfc701c08589040a71f7a678

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt0k2fDODTOqvU4MRoJtCTTAYcKAGMjiQuA0YBOWfXato9NbswkjzPfyIwEdlJU8ODCWWt%2FHjALsGdH3FgPeyjwI%2Fx5g%2BIaiHEN1X9SA8wpDzJZBgjfP2%2FBj7F52BEpaUSB6yOEz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://metrozone.newsroomlabs.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 839ce2ca99674480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 509E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsroomlabs.com&sn=ChromeSyncframe&so=0&topUrl=metrozone.newsroomlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=l0Cg-nx5WG92cFdVejE1dzE1aFJjc2ljQmxSTm44a2JYaHpzZHhPV2ZvVWlTUnlsSmNSTTdOOTJJY3BNRmcrby9iZEt5L2hHYkc5Zk5aWHRid2t3QmNDMGNybUNiS2d3M000MmgwRTNxcHZoU1hnanRMeUd3UWljYWRkS2...

454 B
674 B

46ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=l0Cg-nx5WG92cFdVejE1dzE1aFJjc2ljQmxSTm44a2JYaHpzZHhPV2ZvVWlTUnlsSmNSTTdOOTJJY3BNRmcrby9iZEt5L2hHYkc5Zk5aWHRid2t3QmNDMGNybUNiS2d3M000MmgwRTNxcHZoU1hnanRMeUd3UWljYWRkS2VaUWFsT2x6NDFwR3Q2Z3hCYTM2SXdZUDg3bGdMWklJWkc2TzZzVnlXSGxOS0MyWEVKWEsxcjBlSWZYdHU3VjNCSkV1UWxkQkpaWmZrbitZRzBNdDUwdyt5REwrZHU4Sk5CaWNZWHhsSkpjckRRVjg2c0dxSFd2WWpyR1cwSTN0S2J3dDdKYnIwSGZ5OWtLSkhlbUlzZlFvam9yYWxHTERlalJkejc3YVkzdVNnSm9BMk5OWT18&cppv=2

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

469b506e2cc063436fe5a5fa44e9eb9f7a7403d1f7082893765ee56cbc4af81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1197901
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=l0Cg-nx5WG92cFdVejE1dzE1aFJjc2ljQmxSTm44a2JYaHpzZHhPV2ZvVWlTUnlsSmNSTTdOOTJJY3BNRmcrby9iZEt5L2hHYkc5Zk5aWHRid2t3QmNDMGNybUNiS2d3M000MmgwRTNxcHZoU1hnanRMeUd3UWljYWRkS2VaUWFsT2x6NDFwR3Q2Z3hCYTM2SXdZUDg3bGdMWklJWkc2TzZzVnlXSGxOS0MyWEVKWEsxcjBlSWZYdHU3VjNCSkV1UWxkQkpaWmZrbitZRzBNdDUwdyt5REwrZHU4Sk5CaWNZWHhsSkpjckRRVjg2c0dxSFd2WWpyR1cwSTN0S2J3dDdKYnIwSGZ5OWtLSkhlbUlzZlFvam9yYWxHTERlalJkejc3YVkzdVNnSm9BMk5OWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 285046
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 429ms
429ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2934999636249447&correlator=358067735622010&eid=31080129&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21815112799%2Cmetro%2Cismetrozone%2Cmobilewebview%2Cdisplay%2Cwrtop&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x50%7C300x100&ifi=1&didk=3845625991&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703295515453&lmt=1700056343&adxs=650&adys=337&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=19602290.1703295515&ga_sid=1703295515&ga_hid=1512271888&ga_fc=false&cbidsp=CqwBCAESFQoGY3JpdGVvEJ0BIAJSBmNyaXRlbxIZCghwdWJtYXRpYxClASACUghwdWJtYXRpYxITCgVvcGVueBCXASACUgVvcGVueBIXCgdydWJpY29uEOUBIAJSB3J1Ymljb24SDQoCaXgQuwEgAlICaXgYAiIkOWJiYWU5MTEtMTNiMS00ODY1LWI0NjQtZTAwOGQ1YjM4NGRkKgQIAyAAMgZ2OC40LjBA0A9KAA..&dlt=1703295513833&idt=380&cust_params=content_topic%3Dpolitics%252Ctrending%252Clatest%252Clocal%252Cbreaking%252Centertainment%252Cworld%252Cfinance%252Ctechnology%252Cscience%252Csports%252Chealth%252Cculture%252Clifestyle%252Cmusic%252Cautos%252Cgaming%252Ctravel%252Cenvironment%252Cbusiness%252Cfood_dining%252Cparenting%252Cpets%252Cfitness%252Cgardening%252Carchitecture%252Cbeauty%252Cfun%26frontend_version_name%3D1.1.2%26backend_version_name%3D2.25.3%26entry_point%3Dportal%26experience%3Dportal%26customer%3Dmetro%26operating_system_ver%3D10%26model_id%3D33%26language%3Den%26local%3Den-us&adks=3963916539&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f62ae4a2ed5f898342be97dd158a57abc22401318038b8af45a8396dc461731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14826
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9BBA 6 KB
3 KB 175ms
48ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 01:38:35 GMT
expires: Sun, 22 Dec 2024 01:38:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 134ms
134ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhZCBzaG93biIsImV2ZW50X2lkIjoiOTIzMTA3YmYtNDRlNi00OTMwLWIyMzctMDlmMjgxMjQ0ODM0IiwiZXZlbnRfY291bnRlciI6MTcwMzI5NTUxNTQ2NiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyMy0xMi0yMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDIzLTEyLTIzIDAyOjM4OjM1LjQ2NjQ2NiIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjIiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDIwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6IjQ1MGZiNjRmLTFiOGUtNDM5ZS05YWU5LTEwNWY4ZTA5OTFlYyIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6IjU4MzBkYzM5LWYwZWEtNDEyYS1hOTdkLWJlY2UwNmY4NTRjZiIsInN0cmF0ZWd5X2lkIjoibm9uZSIsInJlcXVlc3RfdGltZXN0YW1wIjoiMTcwMzI5NTUxNDY2OCIsIm5vbl9wZXJzb25hbGl6ZWRfZmlyc3RfaW5kZXgiOiJub25lIiwicmFua2luZ190eXBlIjoibm9uZSIsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjEsImF1cmFfdXNlcl9pZCI6ImMzZDc0YjZhLWU5ZDAtNDU2MC1iNjdlLTBiYmFjODU2ZTIwYSIsInVzZXJfYWJfdGVzdF9pZCI6Ijc5NSIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIyLjI1LjMiLCJpdGVtX2lkIjoiNmZjMzY3ZDYtYTI5Ni00Y2RmLTg0NDYtZTcxMzNlMGRiNDZhIiwiaXRlbV9uYW1lIjoiYWQiLCJpdGVtX3VuaXQiOiJtZWRpdW0iLCJtb25ldGl6YXRpb25fY29zdF9tb2RlbCI6ImNwYyIsIm1vbmV0aXphdGlvbl9wcm92aWRlciI6Im91dGJyYWluIiwicG9zaXRpb25faW5fZmVlZCI6OCwiaXRlbV91cmwiOiJtZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS8iLCJpdGVtX2Zvcm1hdCI6Im5hdGl2ZSIsImZzZF91bml0IjoiIiwiZnNkX3VuaXRfcGF0dGVybiI6IiIsIm1vbmV0aXphdGlvbl9wcm92aWRlcl9hZF91bml0X2lkIjoiTUJfMTIiLCJtb25ldGl6YXRpb25fcHJvdmlkZXJfYWRfdW5pdF9uYW1lIjoiUFRfTUlEIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: aQvwIABXsqHepuS1R3rIou-NhvJ5Fv1eYcjKOLjYtSZfTsZHHGP7mw==

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 4 KB
4 KB 43ms
42ms Image
image/svg+xml 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 01:38:35 GMT
date: Sat, 23 Dec 2023 01:38:35 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "1415406c6886077dae89bf474cd6c146:1701762093.651712"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4128
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 44ms
44ms Image
image/svg+xml 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 22 Jan 2024 01:38:35 GMT
date: Sat, 23 Dec 2023 01:38:35 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 471ms
118ms Fetch
text/plain 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c6e8cc3ea1cf37cbc0047b60af3fb9c7_71118_1703295515367&tm=1367&eT=0&widgetWidth=1576&widgetHeight=80&widgetX=12&widgetY=647&wRV=2010564&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=478&oo=true&lo=543&obreq=396&odbreq=1447&odbres=1925&cet=4g&to=1703295513538.7&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 4412eeea156b848af3d81f9da3c1ad3c
Content-Length: 6

GET
H2 200 platforms Show response
mv.outbrain.com/Multivac/api/ 5 KB
2 KB 159ms
159ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/platforms?contentUrl=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&idx=1&rand=13048&app_ver=2.25.3&widgetJSId=MB_13&va=true&et=true&format=html&psub=www.metropcs.mobi&app_id=com.metropcs.metrozone&t=YTcyNTBjZWFhZTY5ZDk5YzFhZWUxNTYwYTJhYTNlZGQ=&clss=gBEkaEeDhbSgH7435SdPNYvrApBpF6bCYnSOm7DEmr2S2hdoGoTgLlyyLwvIFue6ZcUznMS2N8EeOTR%2F&extid=w%3DPT_BOTTOM%2Cac%3Dmetro%2Cdmo%3D%2Cep%3Dportal%2Ccv%3D%2Cabt%3D&extid2=cp%3D%2Ccps%3D%2Cmid%3D33%2Cla%3Den%2Clo%3Den-us%2Cfvn%3D1.1.2&px=12&py=1047&vpd=0&cw=1576&settings=true&recs=true&key=IRONS2K1OLEJM4GB4HGIQAFE9&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010564&sig=3Vw6rdfK&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1c2c0c756a6475904deffce045e909c20ab33577618f95b7228ae16b99256ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1703295515.493091,VS0,VE121
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21953-LGA, cache-fra-eddf8230112-FRA
x-traceid: a1cee520238350b4f595c957f65b8777
accept-ranges: bytes
content-length: 2338
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 6B32 4 KB
2 KB 42ms
42ms Document
text/html 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Sat, 23 Dec 2023 01:38:35 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Sat, 30 Dec 2023 01:38:35 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6IjY3NGUxODdhNmRlMTIxYjllOGE5Mzk5MmZlZjA3NWE0ZDRmMWQ1OGRkNGU1ZGNiNmI4OWNiMzkzNGRjMDFhMWEiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
10 KB 145ms
42ms Image
image/webp 95.101.197.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjY3NGUxODdhNmRlMTIxYjllOGE5Mzk5MmZlZjA3NWE0ZDRmMWQ1OGRkNGU1ZGNiNmI4OWNiMzkzNGRjMDFhMWEiLCJ3IjoyNDAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.197.152 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-197-152.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2b350305ba8397097fe12b82287f7d65ac5362ddc29826756207e6e92ae98830

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
last-modified: Thu, 07 Dec 2023 14:16:18 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1199647
access-control-allow-credentials: false
x-traceid: 7adda4b272707d394b51292163b29f2b
timing-allow-origin: *, *
content-length: 9516

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 116ms
116ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=c6e8cc3ea1cf37cbc0047b60af3fb9c7&pvId=a7250ceaae69d99c1aee1560a2aa3edd&sid=9636746&pid=71118&idx=0&wId=569&pad=1&org=0&tm=1383&eT=3&cnsnt=no_consent&wRV=2010564&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 402a8743ebd75ab728d885db5861f168
Content-Length: 4
Expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 4D6C 199 B
298 B 152ms
48ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sat, 23 Dec 2023 01:38:35 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
334 B 323ms
323ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhZCBzaG93biIsImV2ZW50X2lkIjoiMzNjZDNjMjctMWM5Yy00MWNmLTk2NTYtNWMzMGFmNTNhMTEwIiwiZXZlbnRfY291bnRlciI6MTcwMzI5NTUxNTYzNiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyMy0xMi0yMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDIzLTEyLTIzIDAyOjM4OjM1LjYzNjYzNiIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjIiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDIwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6IjQ1MGZiNjRmLTFiOGUtNDM5ZS05YWU5LTEwNWY4ZTA5OTFlYyIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6IjU4MzBkYzM5LWYwZWEtNDEyYS1hOTdkLWJlY2UwNmY4NTRjZiIsInN0cmF0ZWd5X2lkIjoibm9uZSIsInJlcXVlc3RfdGltZXN0YW1wIjoiMTcwMzI5NTUxNDY2OCIsIm5vbl9wZXJzb25hbGl6ZWRfZmlyc3RfaW5kZXgiOiJub25lIiwicmFua2luZ190eXBlIjoibm9uZSIsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjEsImF1cmFfdXNlcl9pZCI6ImMzZDc0YjZhLWU5ZDAtNDU2MC1iNjdlLTBiYmFjODU2ZTIwYSIsInVzZXJfYWJfdGVzdF9pZCI6Ijc5NSIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIyLjI1LjMiLCJpdGVtX2lkIjoiNDg2MjY0YmYtOWRjNC00YTAzLWIzZTctNGIwOWQ1NTBiZTZjIiwiaXRlbV9uYW1lIjoiYWQiLCJpdGVtX3VuaXQiOiJtZWRpdW0iLCJtb25ldGl6YXRpb25fY29zdF9tb2RlbCI6ImNwYyIsIm1vbmV0aXphdGlvbl9wcm92aWRlciI6Im91dGJyYWluIiwicG9zaXRpb25faW5fZmVlZCI6MTIsIml0ZW1fdXJsIjoibWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vIiwiaXRlbV9mb3JtYXQiOiJuYXRpdmUiLCJmc2RfdW5pdCI6IiIsImZzZF91bml0X3BhdHRlcm4iOiIiLCJtb25ldGl6YXRpb25fcHJvdmlkZXJfYWRfdW5pdF9pZCI6Ik1CXzEzIiwibW9uZXRpemF0aW9uX3Byb3ZpZGVyX2FkX3VuaXRfbmFtZSI6IlBUX0JPVFRPTSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: XJJnpyPOONSJhWOeoPBpvyLkdHmM4ShTNSWGJanRYFQTQFHJXKXJBg==

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 116ms
116ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=13a9ed86d4b074771341a169902f62f1&pvId=a7250ceaae69d99c1aee1560a2aa3edd&sid=9636746&pid=71118&idx=1&wId=736&pad=0&org=0&tm=1536&eT=0&cnsnt=no_consent&widgetWidth=1576&widgetHeight=0&widgetX=12&widgetY=1047&wRV=2010564&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=161&oo=true&lo=543&obreq=396&odbreq=1936&odbres=2096&cet=4g&to=1703295513538.7&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 917847af02101db8499ff95ada567589
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
371 B 120ms
120ms Fetch
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=13a9ed86d4b074771341a169902f62f1&pvId=a7250ceaae69d99c1aee1560a2aa3edd&sid=9636746&pid=71118&idx=1&wId=736&pad=0&org=0&tm=1550&eT=3&cnsnt=no_consent&wRV=2010564&pVis=0&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 0159372dd9c0e62d2acbab6f14e36a8d
Content-Length: 4
Expires: 0

GET
H2 200 ef31d1f0099d35002cd6d4ce44f64fea
cloudinary-res-news.isappcloud.com/image/upload/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/aura-news/article_assets/ 15 KB
15 KB 44ms
44ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/upload/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/aura-news/article_assets/ef31d1f0099d35002cd6d4ce44f64fea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ab9936ffd886c240cfc6f2bf515deb7ed56998c78cb2bd4cf314fdef37843c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:15:12 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 26603
x-cache: Hit from cloudfront
content-length: 14856
x-request-id: c8cda2b44dbae6bc904e0ff89628e6b7
last-modified: Fri, 22 Dec 2023 17:20:20 GMT
server: Cloudinary
etag: "2c6d80d21d3fa536ff679f33c8cdbbd3"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 8-u6rtIgfuIM0SbHHx0ikajnaiRB4KlcbQObDD7nwQ55YEu_RZONaQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 173ms
86ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22e05ae767a8d633a38e36b6a8ec9c824a1b88ce54aa7681bd11a7d5c1404626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12162
x-xss-protection: 0

GET
H2 200 ef31d1f0099d35002cd6d4ce44f64fea
cloudinary-res-news.isappcloud.com/image/upload/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/aura-news/article_assets/ 15 KB
15 KB 43ms
43ms Image
image/jpeg 2600:9000:2490:1a00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/upload/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/aura-news/article_assets/ef31d1f0099d35002cd6d4ce44f64fea

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:1a00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ab9936ffd886c240cfc6f2bf515deb7ed56998c78cb2bd4cf314fdef37843c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:15:12 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 26603
x-cache: Hit from cloudfront
content-length: 14856
x-request-id: c8cda2b44dbae6bc904e0ff89628e6b7
last-modified: Fri, 22 Dec 2023 17:20:20 GMT
server: Cloudinary
etag: "2c6d80d21d3fa536ff679f33c8cdbbd3"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PwBpdGsJZceWdx9KIrapT8LZ8lkvcBHxNJg7TXqcZ5u5d4L22_ZYmg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 193ms
101ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 01:38:36 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame AEDD 196 KB
56 KB 170ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 11:48:30 GMT
age: 222606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Dec 2024 11:48:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame AEDD 15 KB
5 KB 254ms
126ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 11:48:30 GMT
age: 222606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Dec 2024 11:48:30 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame AEDD 95 KB
28 KB 259ms
130ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 11:48:30 GMT
age: 222606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Dec 2024 11:48:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame AEDD 5 KB
2 KB 242ms
114ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 11:48:31 GMT
age: 222605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Dec 2024 11:48:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame AEDD 40 KB
13 KB 246ms
118ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 20 Dec 2023 11:48:31 GMT
age: 222605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Dec 2024 11:48:31 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AEDD 6 KB
1 KB 138ms
51ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 01:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 00:37:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 01:38:36 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEDD 2 KB
3 KB 116ms
40ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 11:53:15 GMT
x-content-type-options: nosniff
server: cafe
age: 49521
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 23 Dec 2023 11:53:15 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame AEDD 295 B
664 B 114ms
39ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 17:24:32 GMT
x-content-type-options: nosniff
server: cafe
age: 29644
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 23 Dec 2023 17:24:32 GMT

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 145ms
145ms XHR
application/json 65.9.66.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhZCBzaG93biIsImV2ZW50X2lkIjoiZmQ5YTFjYWUtZmI3MC00NjI4LTk3NzEtZDY0NDgzNDU5OWJmIiwiZXZlbnRfY291bnRlciI6MTcwMzI5NTUxNTkxMSwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyMy0xMi0yMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDIzLTEyLTIzIDAyOjM4OjM1LjkxMTkxMSIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjIiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDIwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6IjQ1MGZiNjRmLTFiOGUtNDM5ZS05YWU5LTEwNWY4ZTA5OTFlYyIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6IjU4MzBkYzM5LWYwZWEtNDEyYS1hOTdkLWJlY2UwNmY4NTRjZiIsInN0cmF0ZWd5X2lkIjoibm9uZSIsInJlcXVlc3RfdGltZXN0YW1wIjoiMTcwMzI5NTUxNDY2OCIsIm5vbl9wZXJzb25hbGl6ZWRfZmlyc3RfaW5kZXgiOiJub25lIiwicmFua2luZ190eXBlIjoibm9uZSIsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjEsImF1cmFfdXNlcl9pZCI6ImMzZDc0YjZhLWU5ZDAtNDU2MC1iNjdlLTBiYmFjODU2ZTIwYSIsInVzZXJfYWJfdGVzdF9pZCI6Ijc5NSIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIyLjI1LjMiLCJpdGVtX2lkIjoiOTRjZmIwYmUtOTQ0My00ODYzLWE0OGYtODRkNTlmNGEwYWEyIiwiaXRlbV9uYW1lIjoiYWQiLCJpdGVtX3VuaXQiOiJtZWRpdW0iLCJtb25ldGl6YXRpb25fY29zdF9tb2RlbCI6ImNwbSIsIm1vbmV0aXphdGlvbl9wcm92aWRlciI6ImdhbSIsInBvc2l0aW9uX2luX2ZlZWQiOjQsIml0ZW1fdXJsIjoibWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vIiwiaXRlbV9mb3JtYXQiOiJiYW5uZXIiLCJmc2RfdW5pdCI6bnVsbCwiZnNkX3VuaXRfcGF0dGVybiI6bnVsbCwibW9uZXRpemF0aW9uX3Byb3ZpZGVyX2FkX3VuaXRfbmFtZSI6Ii8yMTgxNTExMjc5OS9tZXRyby9pc21ldHJvem9uZS9tb2JpbGV3ZWJ2aWV3L2Rpc3BsYXkvd3J0b3AiLCJhZF9zaXplIjoiMzAweDI1MCIsImFkX3NlcnZlcl90YXJnZXRpbmciOiIiLCJhZF9hZHZlcnRpc2VyX2lkIjo0NzU0NDI5NDE3fX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-326855bf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-120.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:35 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: 6887jw2nwVPYuaKv10uvE8nfwWfhIXLb6AW5OnnarOIlPYyyOi2tTQ==

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/856744477973371589/ Frame AEDD 45 KB
45 KB 109ms
42ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/856744477973371589/2076313506083323656

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11d4fa3651a9e08bf47153346059d54ab1e9a3cdf3d5c1f726e18cbb6bb5695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 23:03:49 GMT
date: Tue, 19 Dec 2023 23:03:49 GMT
x-content-type-options: nosniff
age: 268487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45681
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 05:33:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame AEDD 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4d420891afc1e9cbae9af31e7f916063541c6125afde2512c4fd55f9e1e1cc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AEDD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c2f4025077fe916d4e29765b3d24f1de8c344dda3b540fd1a7d0dc35cf09174

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AEDD 15 KB
16 KB 142ms
50ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 319477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:53:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AEDD 15 KB
16 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:08:38 GMT
x-content-type-options: nosniff
age: 350998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:08:38 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1128 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17797
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 20:41:59 GMT
expires: Sat, 21 Dec 2024 20:41:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 359D 829 B
1 KB 136ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8270e1388e12e9de8232da5d2bf598c7e73ad91c91610f9215a137d7e25c234f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6bRYKa6PlwEwQpcWTL287w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6bRYKa6PlwEwQpcWTL287w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 01:38:36 GMT
expires: Sat, 23 Dec 2023 01:38:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1128 39 KB
15 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AEDD 0
0 85ms
84ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CuBIqGzqGZdyFH9Xe9u8PloeeyAeI26OYdLj_2J78Eb_hHhABIJrdnnRgleqbgqwHoAGAxrqLA8gBCakC8suANuF5sj7gAgCoAwHIAwqqBOYCT9C5CuKRMu6Bru_BVy658m_6uvv9thrX6ZTu3G1szgnj4bRP_8EEsD5oyUA2IlTZxycO2CVCQc8ng8KU68dFLySh7MstBQ8WmSZLZReJ4qc8B0y1HJ21AeUoY_dsToVXFv7eP84uLsCq7yyVjeSpfLGEL4VcCDH4dYVtFSoBfw7AtR8rpZ57GuY780Je20R8tjSZzE8QKaDxI2UMOFCUICvdUR-6CRrIDCCz9EJvKEDE56o9iAApcSWtftQwsJ-CtOC5EeKUMR1bKam3hoXtZ-B7k80XmSaEurn94y-YH58pUaZ_sEJ_nwZc23GwPbOejrF7yH_B63BaQYUslPRM3c3itM0iyxgAFT-DEyd7ghWuLi4eXTWb3vn0P2Ijzd0abQovTFt0Tr-Ko3riWzpaLtoF-n1DjUnk0KAmXeyklViiRimWbUOp2cJTjEOLPaF8tKh6uvLSe1WaNNY0_MLLsJwyR48k0cAE_8HGj_oB4AQBiAXMjKm8BZIFBAgEGAGSBQQIBRgEoAYugAfoucV0qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ_eQ90ggfCJDhgFAQARgdMgKrAzoCgEBIvf3BOliF6JehtqSDA5oJH2h0dHBzOi8vd3d3LnBvbGl6ZWktc3R1ZGl1bS5kZS-ACgPICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLiDRMIp5CYobakgwMVVa_9Bx2Wgwd5uBPkA9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi01MDQ0MzEwODI0MzczODc5GOOVcLIYBBICi1Q&sigh=Kg8kKJ7EMBA&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_WHPbDz0YmQN__qmOWPFimecF3HFo5ShViRJlk8kYWUE3Amnppcfbx-7P9UpMFpfZQ43c0W1z1jkTx8ezxHVUtV5hfmB2bAGtHY4YAQ&template_id=484&cbvp=2
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 359D 0
0 73ms
73ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2934999636249447&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1128 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OI1fbw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2934999636249447&bg=!qKulq-TNAAY3kmNgF5I7ADQBe5WfOBrZ8lS7k3pQaR47IueDxbWShoQ_OlvV8CQ1ClV9vx9cmMrvnn5WdI6Ob_PnnftOAgAAADdSAAAAA2gBBwoAjAApkuaSYEB_snivJGdJz2yExiUkFUG8B0CdZH007khIjTiLTix6cQIQih7m6JombeMZDs4FHUH5UrUQtc06naErEC2DgRLfRdig5S94QnFFhTVdXD0HsIMV65gDKmgjzxUjSTkINdd2eIZMegllkRGG1trQ76_m-SWRAI3KdwurXlOhbfeesE8y1YzCmQLw-zRndBX26WLv3MyrgTeWKbqU5YeE_s7_6ezKvOygyTMIClwovKGotx5v3IA-bhiVfB77-WPn14y81OKTl7kl3dK6mqixl5gIFKelz9NHI4ePY6g5ZqVyU-dRf731gJM_pQJENv30AOt66gb4EaaDTuJbyS3byzOX3d8UL3KuNqZmFh4EIlfjla90oy82QFf7veGk4fbpECusfNTSM6_NUYHvBky0Mf7X8IiBGYoH5_YinlGnRzMr4jrlykjLTbJgtzJHBkCrtV9KV1G0s6qBN4qB5lCx6f8t6CzxvyHCeTlepxRZDilCJYz2Dw9ZxEPDYCMvjvMEzagGZ11TvgIAOo5NgUtgsRIIfTVF5cpu16M4h3glYo8bG3OAIWAmccvhR_GVqqgapOl-xxNMOXI3fn-V2kRcf6l7BAui8U6Zn-U9eqDLHVcieIx_FZ0B1NsoUNInfSmo7EtEpvPzcv7OCqyCC9xPdiu61VbSS6lxScsbIuQNtai0VO2Ho4DF1Xlr5B8skeRwSpeyKGA3CW9ZlO2s1_ziBkVk6UiKlkqgnig7XNLwUABjVTvvlbZJwN25eUg3x6VF4V3paTeTTL1fXFcQtGSqr66WjWTj9CXZzbroHAL47wRF6lBB47jrQS90S19OFYu1OXySAksZGGqDeUIMTpWq3wlcmFjb2FTlZNGPfKtcMUlXpiLTHk-YdKS0Piee-jjDO50zKcrzHw-SHvJBppSmjOgogVdX6V9CTQXfzmvmNM86EyV85aZtfG5ccvxr65jZggNuk8u_H8V1fNe4oLMkpH456HT_K0pkrrPfJV2UIqJM3aAk8KDgS2xzxEiIE21jU02n8ETWAkC37AGE5Wf4mj31RvTO1foml8SNtgs0gU6tHEGtIiksUVdz8vQ_aznRXl89EI8V4iHPHNdvdThzHrdxYxx052Odipw5A2yA_CgXnhQ7OZjuplMRvTC9PIQLZCuW76zvwMqsVvRS4GIYmeQbXSO9FHrOoHg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AEDD 42 B
64 B 76ms
76ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0zTY1UypRRZzlER01xPIaeGbvKFhJv9z8ARJSTBqWHRPmneRlXBDtmmHTCXimbSsnMhTrxjLVqZAbspyvYBEODM9HLepQSrfORCdgD4_q8_bry_nDjdAG35piybpCkuK-MkSLn1T1jbLaKh_g1tzbsRdEy6mncgCBcBFE8gt-Y7iWnk4jFaQ&sai=AMfl-YTr7mYfSHQ8zuQyPPV_2q7gJV15KvXAVdPpstvkLRWHP-izPtYIxpycEBqKev9q0UNlBsQgpizS3HjHWATHFyvtZggrig0xzX3X-sZx05dw9bpO6c3Y926axYSWVraHp6AXhJ18hsqG1V5K78dodA&sig=Cg0ArKJSzO5N0LSf7UZSEAE&cid=CAQSTwAvHhf_WHPbDz0YmQN__qmOWPFimecF3HFo5ShViRJlk8kYWUE3Amnppcfbx-7P9UpMFpfZQ43c0W1z1jkTx8ezxHVUtV5hfmB2bAGtHY4YAQ&id=ampim&o=650,337&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=302&tls=1302&g=100&h=100&tt=1302&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 62ms
62ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Dec 2023 01:38:37 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C710 14 KB
6 KB 51ms
51ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=metrozone.newsroomlabs.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 01:38:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 892857
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 181ms
90ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:37 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 24 Dec 2023 01:38:37 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C710
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsroomlabs.com&sn=ChromeSyncframe&so=3&topUrl=metrozone.newsroomlabs.com&bundle=CkNE019lTnpvbUxqZ0Z0YVFSMWNsRVZicHR1enlLTFdLJTJGVGRkNGJ3...
https://mug.criteo.com/sid?cpp=8d1n63xMUklrQ3ptZ3hpTXVvL2NJV1BZaTJjSStWeGpBc3F2NWc3bnZOQ0Y5R0pucEppTitZN04xVUdFUThJa3ZRTGMwaU5Ic2ZSWkU1MlZaZXF6ZjlHYlE4SjZsRWI2cWZ5Z2hjd1F5NUgwUVZWZlRMcmdnRmJ0YXRJaC...

441 B
682 B

46ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8d1n63xMUklrQ3ptZ3hpTXVvL2NJV1BZaTJjSStWeGpBc3F2NWc3bnZOQ0Y5R0pucEppTitZN04xVUdFUThJa3ZRTGMwaU5Ic2ZSWkU1MlZaZXF6ZjlHYlE4SjZsRWI2cWZ5Z2hjd1F5NUgwUVZWZlRMcmdnRmJ0YXRJaC9lN0RIVll0YXErL0FFN1BTaVYzZElwd3FWUXRmS01EcTUyM2RHNkZJclN2cHRkSzMwSXBTRXh0WFNJSkFBUWZrTmxqaDVyR2YyazdyR29NeFZTM3o3dCtwZ3B1ekIydjU3OHIzMkRJeGlUOUZ1cXFTVWdsYmdvdzRlRklhejdvTTBCamUvN0NNbUpIaHppVnVheTJBamN1M1JydlhycmtrSjFwRWx0OXFtYlJvYlBNZ3pHUT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2ecb7d9b025f5207be85409abe4ee48fe77b5c2dd78bf940290bbcc296d4a30d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1165144
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8d1n63xMUklrQ3ptZ3hpTXVvL2NJV1BZaTJjSStWeGpBc3F2NWc3bnZOQ0Y5R0pucEppTitZN04xVUdFUThJa3ZRTGMwaU5Ic2ZSWkU1MlZaZXF6ZjlHYlE4SjZsRWI2cWZ5Z2hjd1F5NUgwUVZWZlRMcmdnRmJ0YXRJaC9lN0RIVll0YXErL0FFN1BTaVYzZElwd3FWUXRmS01EcTUyM2RHNkZJclN2cHRkSzMwSXBTRXh0WFNJSkFBUWZrTmxqaDVyR2YyazdyR29NeFZTM3o3dCtwZ3B1ekIydjU3OHIzMkRJeGlUOUZ1cXFTVWdsYmdvdzRlRklhejdvTTBCamUvN0NNbUpIaHppVnVheTJBamN1M1JydlhycmtrSjFwRWx0OXFtYlJvYlBNZ3pHUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 327194
content-length: 0
expires: 0

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
371 B 480ms
120ms Ping
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:38 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e02c3c47a2b5834d39b7de15d3a19658
Content-Length: 4
Expires: 0

GET
H2 200 pd Show response
t-mobile-d.openx.net/w/1.0/ Frame FB17 199 B
202 B 90ms
48ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t-mobile-d.openx.net/w/1.0/pd?us_privacy=1YNN
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sat, 23 Dec 2023 01:38:38 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 46B8 16 KB
6 KB 135ms
42ms Document
text/html 2.18.96.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161760&us_privacy=1YNN
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.96.187 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-96-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=24129
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Sat, 23 Dec 2023 01:38:38 GMT
expires: Sat, 23 Dec 2023 08:20:47 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 46C0 281 B
555 B 132ms
39ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 23 Dec 2023 01:38:38 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame D438 3 KB
2 KB 101ms
35ms Document
text/html 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 112
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 839ce2dec9216a76-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 01:38:38 GMT
expires: Sat, 23 Dec 2023 05:38:38 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 69A0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
867 B

60ms
60ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f463fe3d326b3df91f3d61d9a6a94098a947d445b865291761adefd5a69ae396

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 839ce2df8ae74480-TXL
content-encoding: br
content-type: text/html
date: Sat, 23 Dec 2023 01:38:38 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEgVLfEOtGe3HKjd6npbd%2BtZWwT3tJRJ2%2B7d2wRbF9%2FZvlQ%2F8RJLkee47VhwXJL8HoBZ2ODA5%2B0r%2BaAcpto%2BkO63zpCu%2BVVL91tz5Lzxegxsa7ucA9uV9ZEj04rfbxspWVMwkz49CRCZRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 839ce2df1a3d4480-TXL
content-length: 0
date: Sat, 23 Dec 2023 01:38:38 GMT
expires: 0
location: /usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8W1HuvbFXWUXv%2BJ4uHsY4nBpJm9Zy1frHAKh%2FAPPTf4npLCnisTlpWb%2BznxnittwDgWDdiVThWtq0IWyJrQ206NR7YIJrDtBCN4GA0hIkJS8g2JlzQfRdB2HWSVzwpnC6LecImkcv1ztA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 46C0 45 KB
13 KB 41ms
41ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 01:38:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Dec 2023 14:29:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=46254
Connection: keep-alive
Content-Length: 13201
Expires: Sat, 23 Dec 2023 14:29:32 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 46B8 0
42 B 139ms
41ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63925813&p=161760&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161760&us_privacy=1YNN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:38 GMT
content-length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 46C0 7 B
380 B 196ms
44ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1YNN
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 69A0 43 B
479 B 377ms
123ms Image
image/gif 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZYY6HraDGc1pXhdLis6pegAAFF0AAAIB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:39 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SHCRDA42ZPQZN0E3NP6V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 69A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZYY6HraDGc1pXhdLis6pegAAFF0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHbTK8voO8I4JycBy6ODd5w&google_cver=1

43 B
734 B

59ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHbTK8voO8I4JycBy6ODd5w&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4z2xGOpg0kf2H2N4nqbRMiIR%2BPTKFfG2PyrGQ1erJy8oGQsj2EFa1qzkqPTiLvObvrYpH1f7%2FHuUPwjHsA5Ni73Yn%2BlkGgxGnaSgOW2QzD%2FvlDObOlRt1b%2Fbn1JznrwAaPX6VsJ3b1JUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839ce2e0de904510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHbTK8voO8I4JycBy6ODd5w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 69A0
Redirect Chain

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZYY6HraDGc1pXhdLis6pegAA%265213&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZYY6HraDGc1pXhdLis6pegAA%265213&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=227747d6bd584b18bd8175347c7e0443
https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7377187449251609913
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

70 B
149 B

178ms
56ms

Image
image/gif

52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:40 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date: Sat, 23 Dec 2023 01:38:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 69A0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZYY6HraDGc1pXhdLis6pegAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDmbE4lb9WUW5jQwgiqMAU&google_cver=1

43 B
739 B

79ms
79ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDmbE4lb9WUW5jQwgiqMAU&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw52%2BwfguGO%2BNAZSs8BcI%2BtnEnsFEsgTMo%2FT5GIhllbrBx%2FJwefyF3qFvECry6qoMJQubUc9JD0wa2fDtUjv0%2B9VZt%2FzJxFt14dxpJNRddhaRH3FJCoeCD1wYAkKXgOWfOgIbPXy9%2BDBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839ce2e0ee9d4510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIDmbE4lb9WUW5jQwgiqMAU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 69A0 43 B
146 B 188ms
39ms Image
image/gif 35.156.152.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.152.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-152-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 69A0
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=JC-APyF7iWw_eY8-I3yVbCspiz0_I9w7K3vzNngX

43 B
775 B

60ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=JC-APyF7iWw_eY8-I3yVbCspiz0_I9w7K3vzNngX
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puVMJjGHkpYBKMMcdZ3%2B2XOxmhywPEyeU8qPutdS2tK0oIUs0xFBK1g3XYD%2FExVfkq0yIUe%2F1f%2BEJeWJO4hmeCFCOAv6S6%2F7%2BNrimxC0NJnDIKHIxyu6iNn29kLRET%2BA0FNFXw3wm9RQrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839ce2e0de874510-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=JC-APyF7iWw_eY8-I3yVbCspiz0_I9w7K3vzNngX
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 69A0 43 B
654 B 216ms
40ms Image
image/gif 2607:ae80:4::26
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZYY6HraDGc1pXhdLis6pegAAFF0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 23 Dec 2023 01:38:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1703295518819025-561

GET
H2

200

rum
dsum.casalemedia.com/ Frame 69A0
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1703381918

43 B
352 B

72ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1703381918
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Dec 2023 01:38:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bm5VadBnmJqilSoAV3VLnyAFzT1BdYCbG65YAW6mKm9sZShr%2Fp98gsOTizifcDtqzicq8%2BIqfAlL%2BQL8zKXLpHoWnnPqpryHVsXDr8NJYgBn7jY6lPJfZldKg5zBFIYxzF4HjTk"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 839ce2e19d564480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1703381918
pragma: no-cache
date: Sat, 23 Dec 2023 01:38:38 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 69A0 43 B
229 B 41ms
34ms Image
image/gif 172.64.149.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZYY6HraDGc1pXhdLis6pegAA%265213
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:38:38 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 64543
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 839ce2dffa856a76-TXL
content-length: 43
expires: Sun, 24 Dec 2023 01:38:38 GMT

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 17:51:27	Name: _li_ss Value: CggKBgjSARDmFg
metrozone.newsroomlabs.com/	1969-12-31 23:59:59	Name: i18next Value: en-US
metrozone.newsroomlabs.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1703295515.446.208.204437\|1b719999a1e1e50b30bb1027f50ead91
.criteo.com/	1970-01-21 02:29:51	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:29:51	Name: uid Value: fb4be7e6-0442-42a3-ad37-b0067063efa6
.openx.net/	1970-01-21 01:53:51	Name: i Value: e753ca1b-016a-40c3-b75b-0e0a8fc3dda7\|1703295515
.rubiconproject.com/	1970-01-21 01:53:51	Name: khaos Value: LQHE66Z0-U-JWD8
.rubiconproject.com/	1970-01-21 01:53:51	Name: audit Value: 1\|naVuGyos1qr/iKxmbFhGRQNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w4HWJBcJ5Oe5skasF1fjuxWifey3FrtL46yUFSj3mPVp8/Mnpyv6Pn8I5MM0imka7sTJU0t0FvEAIo8tEQuGXfHQD5U7tEfUTQ==
.newsroomlabs.com/	1970-01-21 02:29:51	Name: __gads Value: ID=8f0a89faeda16588:T=1703295515:RT=1703295515:S=ALNI_MZtNptiOGWOAv8PRwzuDTiynKgmdQ
.newsroomlabs.com/	1970-01-21 02:29:51	Name: __gpi Value: UID=00000d275ef9e212:T=1703295515:RT=1703295515:S=ALNI_MbhbFKXs72ErXfpcbi7slleJiWgrA
.doubleclick.net/	1970-01-21 02:29:51	Name: IDE Value: AHWqTUniwawydk9I7ftu1J5JHvUKudvfJF2F5U8cQQJAyO4Wik4d69sdaD7ZLpID8hQ
.newsroomlabs.com/	1970-01-21 02:29:51	Name: cto_bundle Value: clCnvl9lTnpvbUxqZ0Z0YVFSMWNsRVZicHR1YnNBYWFpZVRqdXRtNHhqbkoyc2ZmUTdtNmdIRlVHZ1N6V2lvR1A4a3o0dDZ2UHVUb3A3YWx6MFJQbU9NU0ZIMyUyQk0zb3M2MTh6ZXBhRiUyRnZkc002TERVd0FpRldTeFN5Q2dncDZ6QzNnWEt2dnhkVkNpNlI0clgxNHZYNUhDNll5NHJCbUJOZGxKOGlFN1NuZFNLRnE4JTNE
.ads.pubmatic.com/	1970-01-20 17:09:41	Name: KCCH Value: YES
.casalemedia.com/	1970-01-21 01:53:51	Name: CMID Value: ZYY6HraDGc1pXhdLis6pegAA
.casalemedia.com/	1970-01-20 19:17:51	Name: CMPS Value: 5213
.casalemedia.com/	1970-01-20 19:17:51	Name: CMPRO Value: 5213
.quantserve.com/	1970-01-20 19:17:51	Name: d Value: EAwBDQHdKrjvsQA
.quantserve.com/	1970-01-21 02:38:29	Name: mc Value: 65863a1e-c771f-e9334-9d29a
.ads.stickyadstv.com/	1970-01-20 17:51:27	Name: UID Value: 268b2070e97652d437e1cc62cdcc0b8
.ads.stickyadstv.com/	1970-01-20 17:51:27	Name: uid-bp-34673 Value: ZYY6HraDGc1pXhdLis6pegAAFF0AAAIB
.liadm.com/	1970-01-21 02:44:15	Name: lidid Value: 227747d6-bd58-4b18-bd81-75347c7e0443

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ads.stickyadstv.com
b322441df9b36e104884fb276dbaf744.safeframe.googlesyndication.com
bidder.criteo.com
c.amazon-adsystem.com
casale-match.dotomi.com
cdn.ampproject.org
cdn.indexww.com
cloudinary-res-news.isappcloud.com
cm.g.doubleclick.net
cms.quantserve.com
d.turn.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.isappcloud.com
image6.pubmatic.com
images.outbrainimg.com
js-sec.indexww.com
log.outbrainimg.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
metrozone.newsroomlabs.com
mug.criteo.com
mv.outbrain.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
platform.twitter.com
rock.defybrick.com
rtb.openx.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
syndication.twitter.com
t-mobile-d.openx.net
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google.com
www.instagram.com
x.bidswitch.net
104.244.42.72
108.138.1.25
142.250.185.226
146.75.118.132
172.64.149.180
172.64.151.101
184.30.22.30
185.64.189.112
198.47.127.19
2.18.96.187
2.18.97.54
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2057:ce00:1a:ba5c:3900:93a1
2600:9000:223d:2800:8:787e:6600:93a1
2600:9000:223d:dc00:8:787e:6600:93a1
2600:9000:2490:1a00:e:22cc:ba40:93a1
2602:803:c003:200::31
2606:2800:234:59:254c:406:2366:268c
2607:ae80:4::26
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:801::2001
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:13::1400
2a03:2880:f277:1e8:face:b00c:0:4420
34.102.146.192
34.120.135.53
34.197.7.44
35.156.152.149
35.186.253.211
35.244.159.8
46.228.164.13
52.223.40.198
52.46.151.131
64.202.112.159
65.9.66.120
69.173.144.139
95.101.197.152
001666ff0c86a5561ec86b1f16412743e2363cd7ee08f45ec091145d44a3414d
0174cc01f3e5fe09dbefeabc8da0911fad5086619bd9e7affca0fcb6a4caeb29
0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09a10a9277eae5dbe0db5673b82b7d4b91b3d5aa275f1f50c4c8650bff27dc96
0a1c3312dd2f9782b63428edb373db715092a9290bac4a90f2376fabf4531871
0af29fe5e474bdfc5ee8e4125959ea49a5c3cc5d84fc0ab219c09e47d1b340cc
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12940050936a155b6ce63dba4c41cc026fbe46f3fd3fe3f1175844ee463c724d
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1b3df8e0165f50e485dcb44d10222bda9b1215213c49e8e07411657a63412475
22e05ae767a8d633a38e36b6a8ec9c824a1b88ce54aa7681bd11a7d5c1404626
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b350305ba8397097fe12b82287f7d65ac5362ddc29826756207e6e92ae98830
2ecb7d9b025f5207be85409abe4ee48fe77b5c2dd78bf940290bbcc296d4a30d
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f62ae4a2ed5f898342be97dd158a57abc22401318038b8af45a8396dc461731
2fcba1498d13ee93d09768243352c8105674c9374d502bad1cbfcc7b49cdb583
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
316e06cbd89cfc40a70b1d2589e40e6c5c4178a081c47f107ed183ba6830a45a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
361a481b9b89e4ccbc206408d2444ad4333650357126f47e6547b46f92ba4a63
38a3987621a361b386a70929890218d85aca4e371b6ddb904f60699e8b4b3100
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469b506e2cc063436fe5a5fa44e9eb9f7a7403d1f7082893765ee56cbc4af81a
48c6706bc55163e7f5b8530531fd4dac8d823d21faf35adad04411cc40293de6
49ce4459f4c40f12bd7fbec55bdc5e425d547f01b492e5da8ce1574428c27746
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e30b5cf1e7498409774b02b0e87a7dec73a40fd376d506f84513d6aa2b4c1f3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
669b5c194e7ef49392ed930f8df70a89a06314216918df2381e585ad778aa979
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
78d887f974336f7900bd5eab99aa07eab4776357493b33a252c450ad92975b95
7be2199884f7031cf6255db88efae889380a76154de982a416df10e64b28d8b2
7c2f4025077fe916d4e29765b3d24f1de8c344dda3b540fd1a7d0dc35cf09174
7e07a70eac30fe0f3576e82610fbb17a8341d8e24c8fcf7bf9deac39228dbf0d
7f3c9de480637ef61b17c607a53383cd2a7adc0597173a4f9719ebd1b0aa1cad
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8270e1388e12e9de8232da5d2bf598c7e73ad91c91610f9215a137d7e25c234f
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
851b15749bdce6b4f58814f99abe29b48aa8e99d8ab4adda372a36f6d30ca155
85453cf9d8ca2c9fe6265e1c448480dabc04f2d22841b03a179a7b0328686830
8745533655cfb55a71a3ac093748cdf33b78157a6ed1c8e00289a30f02aeae6e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
930d13371c0e5c6ffd524a632026de79ac407bdb6a4bee21b7a8dd12625918ef
9764f6ea10d17a29553a666699d2a12bbbf6805ec29f539084c051285d86c516
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa20f07afa8a9a3c74ff34727e14bd9889511a0e665d2b9065db08a55a4766e4
ab9936ffd886c240cfc6f2bf515deb7ed56998c78cb2bd4cf314fdef37843c94
aed17e1da58c79eaf8c18410876b277f88c7ee900404b2b88c6f4b548a86c479
af095a0ff5a2f36564eae7977a7f69ac28164dbbb497a32e96a15da997ead3cb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b260e038467c3ba9383e1593fc6a9bcce8e973490b9c694dcab7f02191174f5d
b4e2a2e29a0236fd944476979944f38d4d59d8a892ef8e9b7ecb4c774e3471a7
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b55aab87cd66579a7d183628d4550f5249ddedc061f9f6d9779776754ad1d65b
b5b4f43f8b878586ff236d865533a3d395b31d9bdbe7b0fdf7e95784cccae75b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc4cb8a5000fbfe40bf1147f0f2a553e223938981f829127f034c381a6516812
bd47bf27d565fc9cdc869642aa94a83dc119778db2f05b03a7eb004b68d48696
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4ffba6da17e0654b107030682d09fd08c27bdb875f446870e3e3a2df1ef9dcf
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d1c2c0c756a6475904deffce045e909c20ab33577618f95b7228ae16b99256ad
d95ebd30d818dc4740709510c663de4494c3bd5e6afa1a0c1a4abfc34d46ae0c
d9c7a43df078af690f3e6d271d09a1b9d4e9ea1a50ebed762c235f073daac47a
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de67edc9f6801c8d86791ea10b6b04aee53063fb5a4c922b4233a4bf993937b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51d4470e21d70ec4b3003734c561e748a273918d71e69201c2ef451c0b0d432
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e91399e60ed15ff29f3c4a40f6a1e549cde8a9e724ad90809b79f87cb8b3f9be
ebabe313f704dfee2c57962abb10e4b6342b1c78622796f59ad8175ff9cf160a
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11d4fa3651a9e08bf47153346059d54ab1e9a3cdf3d5c1f726e18cbb6bb5695
f463fe3d326b3df91f3d61d9a6a94098a947d445b865291761adefd5a69ae396
f4d420891afc1e9cbae9af31e7f916063541c6125afde2512c4fd55f9e1e1cc7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f85da131ac714331f64da5b36098bfa49ea11be96a63efa842fc72d31fb42a5f
fbba4434f3c12b7092e14d8534d4ed33cf226c09dfc701c08589040a71f7a678
fdb4c07f55ff9e8be7c1dd23ef361d129a0a24a47a312c8e006cbc7a0b1ec4f6
ffef17f27ebd18f2fb0b1c6d2c1dfc0df2a990ede6bbab33706d6bd170be7e45

metrozone.newsroomlabs.com Open in urlscan Pro 2600:9000:223d:2800:8:787e:6600:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

134 Requests

94 %HTTPS

48 %IPv6

29 Domains

54 Subdomains

41 IPs

6 Countries

1609 kBTransfer

4368 kBSize

21 Cookies

2 Outgoing links

Page URL History

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

metrozone.newsroomlabs.com Open in urlscan Pro
2600:9000:223d:2800:8:787e:6600:93a1 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

94 %
HTTPS

48 %
IPv6

29
Domains

54
Subdomains

41
IPs

6
Countries

1609 kB
Transfer

4368 kB
Size

21
Cookies

134 HTTP transactions
2 data transactions