metrozone.newsroomlabs.com Open in urlscan Pro
2600:9000:2359:ce00:8:787e:6600:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://metrozone.newsroomlabs.com/
Effective URL:
https://metrozone.newsroomlabs.com/
Submission: On March 13 via manual (March 13th 2024, 8:16:56 am UTC) from IN — Scanned from DE

Summary HTTP 131 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 27 domains to perform 131 HTTP transactions. The main IP is 2600:9000:2359:ce00:8:787e:6600:93a1, located in United States and belongs to AMAZON-02, US. The main domain is metrozone.newsroomlabs.com. The Cisco Umbrella rank of the primary domain is 17596.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 29th 2024. Valid for: a year.

This is the only time metrozone.newsroomlabs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:235... 2600:9000:2359:a400:8:787e:6600:93a1	16509 (AMAZON-02) (AMAZON-02)
26	2600:9000:235... 2600:9000:2359:ce00:8:787e:6600:93a1	16509 (AMAZON-02) (AMAZON-02)
3	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
1	2a03:2880:f27... 2a03:2880:f277:e2:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	95.101.197.152 95.101.197.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	2600:9000:266... 2600:9000:266e:e400:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
15	3.161.82.109 3.161.82.109	16509 (AMAZON-02) (AMAZON-02)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
10	2600:9000:267... 2600:9000:2670:e00:e:22cc:ba40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.229.253.235 3.229.253.235	() ()
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
131	41

1 2600:9000:2359:a400:8:787e:6600:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

metrozone.newsroomlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:9000:2359:ce00:8:787e:6600:93a1 (United States)

ASN16509 (AMAZON-02, US)

metrozone.newsroomlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f277:e2:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.197.152 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-197-152.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:266e:e400:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.202.112.31 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t-mobile-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 3.161.82.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-109.fra56.r.cloudfront.net

ib.isappcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2670:e00:e:22cc:ba40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cloudinary-res-news.isappcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.253.235 (None, )

ASN- ()

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	newsroomlabs.com 1 redirects metrozone.newsroomlabs.com — Cisco Umbrella Rank: 17596	578 KB
25	isappcloud.com ib.isappcloud.com — Cisco Umbrella Rank: 6215 cloudinary-res-news.isappcloud.com — Cisco Umbrella Rank: 18772	91 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161	117 KB
7	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 477 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 534 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	5 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 466 mug.criteo.com — Cisco Umbrella Rank: 3065 bidder.criteo.com — Cisco Umbrella Rank: 702	16 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	179 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 397	104 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2186 google-bidout-d.openx.net — Cisco Umbrella Rank: 2171 rtb.openx.net — Cisco Umbrella Rank: 656 t-mobile-d.openx.net — Cisco Umbrella Rank: 84670	1 KB
5	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11047 log.outbrainimg.com — Cisco Umbrella Rank: 3434	2 KB
5	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2071 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4493 mv.outbrain.com — Cisco Umbrella Rank: 2715	93 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 496 eus.rubiconproject.com — Cisco Umbrella Rank: 606 token.rubiconproject.com — Cisco Umbrella Rank: 493	13 KB
4	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 301 s.amazon-adsystem.com — Cisco Umbrella Rank: 329	79 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 464 ads.pubmatic.com — Cisco Umbrella Rank: 540 image6.pubmatic.com — Cisco Umbrella Rank: 855	6 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 677	75 KB
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 10529 flint.defybrick.com — Cisco Umbrella Rank: 9594	20 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1306 syndication.twitter.com — Cisco Umbrella Rank: 1683	131 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 536	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 699 cdn.indexww.com — Cisco Umbrella Rank: 1921	2 KB
2	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	11 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2679	514 B
1	zemanta.com 1 redirects b1sync.zemanta.com	389 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 364	149 B
1	liadm.com i.liadm.com	180 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1845	8 KB
1	instagram.com www.instagram.com — Cisco Umbrella Rank: 1869	21 KB
131	27

	Domain	Requested by
27	metrozone.newsroomlabs.com	1 redirects metrozone.newsroomlabs.com
15	ib.isappcloud.com	metrozone.newsroomlabs.com
10	cloudinary-res-news.isappcloud.com	metrozone.newsroomlabs.com
8	pagead2.googlesyndication.com	metrozone.newsroomlabs.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	metrozone.newsroomlabs.com securepubads.g.doubleclick.net
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com metrozone.newsroomlabs.com
4	log.outbrainimg.com	widgets.outbrain.com
4	gum.criteo.com	2 redirects static.criteo.net
3	fonts.gstatic.com	fonts.googleapis.com
3	static.criteo.net	securepubads.g.doubleclick.net metrozone.newsroomlabs.com static.criteo.net
2	creativecdn.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com
2	eus.rubiconproject.com	metrozone.newsroomlabs.com eus.rubiconproject.com
2	mv.outbrain.com	widgets.outbrain.com
2	mug.criteo.com	metrozone.newsroomlabs.com
2	oajs.openx.net	1 redirects metrozone.newsroomlabs.com
2	flint.defybrick.com	rock.defybrick.com metrozone.newsroomlabs.com
2	c.amazon-adsystem.com	metrozone.newsroomlabs.com c.amazon-adsystem.com
2	platform.twitter.com	metrozone.newsroomlabs.com platform.twitter.com
2	widgets.outbrain.com	metrozone.newsroomlabs.com widgets.outbrain.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	match.adsby.bidtheatre.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	i.liadm.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	t-mobile-d.openx.net	metrozone.newsroomlabs.com
1	ads.pubmatic.com	metrozone.newsroomlabs.com
1	js-sec.indexww.com	metrozone.newsroomlabs.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	hbopenbid.pubmatic.com	metrozone.newsroomlabs.com
1	fastlane.rubiconproject.com	metrozone.newsroomlabs.com
1	bidder.criteo.com	metrozone.newsroomlabs.com
1	htlb.casalemedia.com	metrozone.newsroomlabs.com
1	rtb.openx.net	metrozone.newsroomlabs.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	rock.defybrick.com	widgets.outbrain.com
1	syndication.twitter.com	platform.twitter.com
1	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
1	widget-pixels.outbrain.com	metrozone.newsroomlabs.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	www.instagram.com	metrozone.newsroomlabs.com
131	50

This site contains no links.

Subject Issuer	Validity	Valid
newsroomlabs.com Amazon RSA 2048 M03	`2024-02-29` - `2025-03-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-08-20`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2023-12-21` - `2024-03-20`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-03` - `2025-01-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
syndication.twitter.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M03	`2024-03-10` - `2025-04-08`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.isappcloud.com RapidSSL TLS RSA CA G1	`2023-07-23` - `2024-08-22`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://metrozone.newsroomlabs.com/
Frame ID: 638993C6B9CC2EF11784BE5E9ED4F9AC
Requests: 86 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmetrozone.newsroomlabs.com
Frame ID: 33A36B3174010DC5394DB16232029AAC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=metrozone.newsroomlabs.com
Frame ID: 4CCF8A796E5227963EB4B38DC46CD3A3
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9A211476FB83F4E0D0A395C8A9CF9945
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: A470301DCA5A90E559C7988EB061EDAC
Requests: 1 HTTP requests in this frame

Frame: https://453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 323CE7E9281B08A1FC36EB52E5F5F3BB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3C0EE87BF217F0B926FDACEBD445E5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DCC812F6D9F6199F0F3F59CAC5FBD03F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs
Frame ID: 33BACA64141BD54D70F894BDC6F25245
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=metrozone.newsroomlabs.com
Frame ID: B79E9E812ADF019DC22CCFBA5610AA17
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D4A7DE6AD953A77CCBE12B1EA30A52A7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161760&us_privacy=1YNN
Frame ID: EDAB429D614B586826674BA9B0CBA59F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Frame ID: A453CF717D85FD5310A10615A7AFB1C3
Requests: 3 HTTP requests in this frame

Frame: https://t-mobile-d.openx.net/w/1.0/pd?us_privacy=1YNN
Frame ID: 33C889B87349E0CB172B844DE8BF0E15
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 2EEFD5C328E6C6B763FD82807AD034A9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Metro Portal

Page URL History Show full URLs

http://metrozone.newsroomlabs.com/ HTTP 301
https://metrozone.newsroomlabs.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

131
Requests

94 %
HTTPS

40 %
IPv6

27
Domains

50
Subdomains

41
IPs

6
Countries

1598 kB
Transfer

4428 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://metrozone.newsroomlabs.com/ HTTP 301
https://metrozone.newsroomlabs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1

Request Chain 45

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsroomlabs.com&sn=ChromeSyncframe&so=0&topUrl=metrozone.newsroomlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=eMoywXwxSzIvTFlxcVhPZ0lnSTlvT3UxYU0rUUVRVGEvU2hlZDZWQk8xYVFvSGNDZEl0MkFMSEkxbThJaVZMZnJYQ3h6VWxqZDlpbHVGZTVJT3VlUExuU1Z5ZnJPME9OY09KZjZvUS9EdHdXSmxZZFVSQ2JZS2lZY0tEUlpKZTBqeFUzcWJBdmpDTzVzYU1ZS2RzenRuNHRaVlFqVHljVkZheHMzWkh0R0tqMXh4RHg0R2IxVmpzUXBqZVl4WFJjeDlaTVh1bDRXcjNZcUF6bkFNbm0yQXowbmk3YTFnbFhmQU5lRjkwOVptOHhQc2NWeXI4MXZjdkg3NFI2dFFkcmFUcWMvZXhIdjZHYWU2WTBUZkJ1bGZLcXBLMDh1SjJzWWpleG9YTTlPclRwNUF5cz18&cppv=2

Request Chain 112

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsroomlabs.com&sn=ChromeSyncframe&so=3&topUrl=metrozone.newsroomlabs.com&bundle=lCGy1F9DOSUyQjR3WW1Idk54JTJCNEM1M2ZKTzNjMDAwQm9ORndZZHliUDlQYTJHcUI5c0xlaUklMkJxTlgwRFpCSm1vSXk3MG1Kc1h2ems2a0c3QkF1TFlmaEslMkZHcmtwWkl5TyUyRnZoTGthWjVwb3QlMkJGeXloY3AlMkZvbm9VSXdLN1VvVUFYZjYlMkZpMUc1JTJCZGpaSUR3Y2lBRzZkQmU5MUNpeUF1VVRReHAwQjI0aUdTT1NNTlVGUHclM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VR5UXXx5ZWVwaXNFOWRhVTZNK0lvaE1oV1BlcnV0UW94anRwTFJXNnVlWGpHdUFjU3lhQzIwTWFDSWpzaENXU3EzWVdTTWFreEFnV2pmSWJXdUYzbFE5eW5LajlNWVFCWlY3STdMcHR6VTlYN1BoYi9mQ2ZhZDZaWGxDcVNuam9EZHRMS29uN1E4N0pVMDBocTI2VmNWYW0rSWM5Q1JXNWhvdzZFTndNRk9RWjJXVkVzY28vNCtDWW1NWWt1YlFuVENiOGpPMFdkOFFLdkhqYWwwK3NSUlhjb096ejZFMXo2OHlseDJxaStjZTB6RHpUN2h1WC9BcFlDYVFzWHIxbmlKK1B5TzJHMHRaS2JwaFVsWlUxNWhVQ1p0WS8zZzRyNU5WSmx0SkErd2Z5QUNUST18&cppv=2

Request Chain 119

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 124

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfFg9VVbLVsAAFLzAPkZUAAA

Request Chain 127

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177 HTTP 302
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&tc=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=zIXVbo0jc7f0ttl5TRw6GEaQI8bUx_tdLvP9T5Q5MZM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&tc=1

Request Chain 128

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=

Request Chain 129

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177 HTTP 302
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=88af89c4-e223-4a5b-b13f-3a90229d5954

131 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
metrozone.newsroomlabs.com/
Redirect Chain

http://metrozone.newsroomlabs.com/
https://metrozone.newsroomlabs.com/

3 KB
2 KB

58ms
19ms

Document
text/html

2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9b8d5e11fdb96e1f3c58470db7a866215014efffffb7fbc7fdce1ef11d7e9c73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76336
content-encoding: gzip
content-type: text/html
date: Tue, 12 Mar 2024 11:05:04 GMT
etag: W/"2b07f09b6059781ec77abcf9c850862c"
last-modified: Mon, 11 Mar 2024 11:04:22 GMT
permissions-policy: geolocation=(), camera=(), microphone=()
referrer-policy: no-referrer
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-amz-cf-id: a79kFgdx8NUBQuO9Nvmpo91GSUmXDcEFV_Jlzmvos1epKKRE053_Aw==
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-amz-version-id: U6c6AmOsGhPLLPx2r65M9KJklcocrmey
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Wed, 13 Mar 2024 08:16:48 GMT
Location: https://metrozone.newsroomlabs.com/
Permissions-Policy: geolocation=(), camera=(), microphone=()
Referrer-Policy: no-referrer
Server: CloudFront
Via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 4YrGKiW_yTptZUY_bSBZN3nYjeD-m4BpySPWP4ye78EIVASTU69fxg==
X-Amz-Cf-Pop: FRA60-P10
X-Cache: Redirect from cloudfront
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 235 KB
85 KB 94ms
27ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.outbrain.com/outbrain.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-86.deploy.static.akamaitechnologies.com

Software

Resource Hash

f47a2ec0a22aa3f4d5a6ea148dfec9114dec408a2968614e7bda8329839e297e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 13 Mar 2024 08:16:48 GMT
edge-cache-tag: widget-cheetah
x-traceid: f62cfb7e81480f9ba3ebcb16b9af00b3
content-length: 87052
last-modified: Tue, 12 Mar 2024 09:10:09 GMT
etag: "17-JJcWcPr1QXO2zimB3r9OxThYmj0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14500
access-control-allow-credentials: false
timing-allow-origin: *, *
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 145ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afe79b3e8c6c1ff6bc686c28dfd4af87e415c108fd61d6646731bc6a71261192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28574
x-xss-protection: 0
server: cafe
etag: 571 / 19795 / m202403070101 / config-hash: 8657700630701795708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 08:16:48 GMT

GET
H2 200 gpt.js Show response
pagead2.googlesyndication.com/tag/js/ 88 KB
28 KB 123ms
61ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/tag/js/gpt.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8f0b3e51ff33242db4bc23537ca8394feff6e8d663fb69b0441b8a44de73619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28576
x-xss-protection: 0
server: cafe
etag: 627 / 19795 / 31081783 / config-hash: 8657700630701795708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 08:16:48 GMT

GET
H2 200 prebid.js Show response
metrozone.newsroomlabs.com/ 434 KB
123 KB 61ms
59ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f18bbec027439d196d6118e8edbe2cea55923342319f49d7057318f5e56edb95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: SWFUL1z5SUOdRB62bU0dfD9CS8NKb9RS
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:44 GMT
last-modified: Wed, 03 Jan 2024 09:35:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 76339
x-amz-server-side-encryption: AES256
etag: W/"53bfcda65d573ed7d311eee50a2da6a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Mtv-L5_eeywdrjJFLCMXMHJey8nz8bI3Xjwiy3ipMaEE5RO93WJG9A==

GET
H2 200 apstag.js Show response
metrozone.newsroomlabs.com/ 682 B
1 KB 70ms
69ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/apstag.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ebabe313f704dfee2c57962abb10e4b6342b1c78622796f59ad8175ff9cf160a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: hwdId4zIIpZwLvEKSm6SU5aEoZ3i8oJ_
date: Tue, 12 Mar 2024 11:04:50 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76323
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 682
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: "388455d0e3c35033e1593b0f8ee9c32b"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: vK7JIKkyAMzmM5Zpl2LRtd3Ufycy5FEc4_alipYOTcd2b8MSyhKMIQ==

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 136ms
30ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 27597
x-served-by: cache-iad-kjyo7100044-IAD, cache-muc13982-MUC
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H2 200 embed.js Show response
www.instagram.com/ 56 KB
21 KB 219ms
159ms Script
application/x-javascript 2a03:2880:f277:e2:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/embed.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f277:e2:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0925b072d9560bf4b2e77b00b1bb6ebf7ae82d6acb715cea186a1894437b2503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Mar 2024 08:16:48 GMT
content-md5: YPGX/Z08nQckOLDUwEaFtQ==
document-policy: force-load-at-top
edge-control: cache-maxage=1200s
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19723
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-debug: jZc0U0v7RrwCAN0rsEjPishb+PbSRMt64XNvvjRH9ri7aucPkgHcqBMM6K0IgEDzjcrR8Jg7v0AS9LkQ0xy40g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c9c09af9969dfeb825b6b14144cb5ab7
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ac8681244d920763081e38682f2a8c94"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(self), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(self), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 13 Mar 2024 08:36:48 GMT

GET
H2 200 index-0ac1cd5a.js Show response
metrozone.newsroomlabs.com/assets/ 251 KB
76 KB 23ms
22ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6ae622d626fd0747d65683af177ca44ec691e7e814cbcd9d61164cca7086bcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 4w6j6fPPiyn9Bg.Un07eubQbn9TXzgZ0
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76334
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: W/"d34cb517bfe43397e1eab6e56da51b6f"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: -VknQpRfHL2Ze8BLO68nbHDKHFd4ppUaEvBQIcJHBEruIY-EIDNd-g==

GET
H2 200 vendor-66f8bc84.js Show response
metrozone.newsroomlabs.com/assets/ 638 KB
190 KB 49ms
48ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cd47bb00e0409067a9d46033138da49d97e7d6ce25ca00e797029f8715712754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 1RZsdwdvucXDtGzgiiZ_yqSC6XcK7UQ9
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76332
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:21 GMT
server: AmazonS3
etag: W/"052c4b975ca189ad9e295fdce57a94c6"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: a6PWSingtEvDBm82gvuGikv_Ft2f37pvnQ8rrWV26ov4LoBCss6t7A==

GET
H2 200 index-e38b04c5.css
metrozone.newsroomlabs.com/assets/ 18 KB
4 KB 19ms
19ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/index-e38b04c5.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e38b04c540667e616f58877d8437652c56f03b00d0ad88866a4de746d6cc0554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: MCRtOz2Xh8A99J8_SzhH72WFJzZIcQ0f
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:50 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76334
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: W/"84295bc41d0d783239e64a8751269f13"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: rRXNIf_GcmAgTkU_HKhHU69L0dv57wKanU9Wb7ERqS8rdH0j4sCjGg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 298 KB
74 KB 126ms
23ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:42:07 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Mar 2024 21:59:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2082
x-amz-server-side-encryption: AES256
etag: W/"4f9091ca1740c69dd8d2e945b57ade3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 1aj01EoSzHb3_WaaSOXcUknvcUfNYFSrG7l2yoowAtB-GaXIz5HUtg==

GET
H2 200 gotha_pro_reg-12940050.otf
metrozone.newsroomlabs.com/assets/ 45 KB
46 KB 19ms
19ms Font
binary/octet-stream 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/gotha_pro_reg-12940050.otf

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-e38b04c5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

12940050936a155b6ce63dba4c41cc026fbe46f3fd3fe3f1175844ee463c724d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: v0HeklOCXf99TMoLdvpUS0Bk74EUt5rA
date: Tue, 12 Mar 2024 11:04:53 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76321
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 46096
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: "aafeb23794c0546aa78e6d11e49ef908"
vary: Accept-Encoding
content-type: binary/octet-stream
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: PYMgDDEwn-ZjSboV4PNtV7VmWDqiaVZCYwy9rECj0gpnT03KnJLPdA==

GET
H/1.1 200
OK bWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
535 B 134ms
28ms XHR
application/json 95.101.197.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcheck.outbrainimg.com/tcheck/check/bWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.197.152 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-197-152.deploy.static.akamaitechnologies.com

Software

Resource Hash

39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Wed, 13 Mar 2024 08:16:48 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=33008
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 112d812cd50759927d9d39170791199f
Content-Length: 15
Expires: Wed, 13 Mar 2024 17:26:56 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 36ms
34ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Fri, 12 Apr 2024 08:16:48 GMT
date: Wed, 13 Mar 2024 08:16:48 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 433 KB
136 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:03:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 781
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139281
x-xss-protection: 0
server: cafe
etag: 13505786736550064131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 13 Mar 2025 08:03:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 635 B
277 B 91ms
51ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=metrozone.newsroomlabs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a96db7ee1bd0c18c1e91435631bd2480d0daa40d15fe1c54bb32a9bf7c63275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0
expires: Wed, 13 Mar 2024 08:16:48 GMT

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 33A3 319 KB
103 KB 34ms
33ms Document
text/html 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmetrozone.newsroomlabs.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Wed, 13 Mar 2024 08:16:48 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100176-IAD, cache-muc13982-MUC

GET
H2 200 21759519759 Show response
fundingchoicesmessages.google.com/i/ 23 KB
10 KB 99ms
51ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/21759519759?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0fbce3bdbb712cd0263a11f2981a9b8cc5579479b68feb702d4f697fe5e50e9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P4f7nxSslIvpFdwCKUDsnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-P4f7nxSslIvpFdwCKUDsnA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmII0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiHf4eLDwrZvOqgLEhuuns0YCcczz6awpQOyUPoM1BIh96mewxgHxyQXnWS8CsRAPx4eDR9ezCXzY3fScCQD-Wy7F"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 33A3 869 B
659 B 191ms
128ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5d5fd8ad3c0147db8f57e74dd2cdd5305f89c47d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmetrozone.newsroomlabs.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-response-time: 108
date: Wed, 13 Mar 2024 08:16:48 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 13 Mar 2024 08:16:48 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 6815c8362ff485cd
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 0861f2452906f2b4b893cb0a3e4f71b4595d23d4c5d243c69b7947fbaa85705e
content-length: 337

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 77ms
21ms Script
text/javascript 2600:9000:266e:e400:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266e:e400:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:01:32 GMT
content-encoding: gzip
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P8
age: 40516
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: H8sIWFsie7f_zykIWTEzcheuJz45tGbQ8yEu6DdWhiZf9pyI-wk_cQ==
expires: Wed, 13 Mar 2024 09:01:32 GMT

GET
H2 200 portal-46c247ed.js Show response
metrozone.newsroomlabs.com/assets/ 8 KB
4 KB 25ms
21ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/portal-46c247ed.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

314f8a4676f975ee7e90bd2625914b0a7df311c6abcf0d28d0dfddc13a109fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: WE2tW0S4CHf4_5s4Bz5iYRONqffj3Kh4
content-encoding: gzip
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:09:16 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76053
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: W/"af300480ba311987ccf07ab0b7bb7fab"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: Lg7Y43gAXcEb5kAZFqp4iBtJJflnacQEgVsO_WDWdxUPYltmhF-vug==

GET
H2 200 GeneralArticleFeed-f6e011da.js Show response
metrozone.newsroomlabs.com/assets/ 45 KB
16 KB 23ms
19ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/GeneralArticleFeed-f6e011da.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

050516f819b983f93b77865f62505bc2f2ccb7baa6577d8759dabe9d7d471c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: zvLQAybxDvBYveMceLsQ9.EW33ks0vh4
content-encoding: gzip
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:05:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76315
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: W/"513e8cb483d5b4f44e4d30b6c9d4864e"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: MaY0ltReq5_SfId1RywFqH_z0F-vCiJ-XEI9p-pf-SscA58U4E9tfg==

GET
H2 200 useDidMount-2fb44939.js Show response
metrozone.newsroomlabs.com/assets/ 152 B
730 B 23ms
20ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/useDidMount-2fb44939.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b8dda4668a8ae21b56ff15e7af22a31861c9019403ab71a13ca0c91c5ff86a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: wd2kQKQn_DNdTrvSGo.lyFz36NyEr1_8
date: Tue, 12 Mar 2024 11:04:52 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 152
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: "64d36708a37aafac40e6da8aeff6a36a"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: O2m3FOmFIflfuIxsVzGW4QozxOouQk-BAQc1k9HbLn7kmFSCfbRjZw==

GET
H2 200 usePageInit-3ccfc701.js Show response
metrozone.newsroomlabs.com/assets/ 11 KB
5 KB 24ms
20ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/usePageInit-3ccfc701.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

34b5a3fbf7a2dde1d17d47f3a3eccbd91af80bf3f9522c4ba7684017dabaacdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: awRA34pJr.r.X7B1McHS5Oz.UJZJW_vb
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:21 GMT
server: AmazonS3
etag: W/"e54ee58bf668cdd126d840279ce95157"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: DWDujJPGabH7dhdG0CYsyHM9QKxD4q0hcDY58KyQQeK9nJJMvkKYJw==

GET
H2 200 dns.service-c6ba5975.js Show response
metrozone.newsroomlabs.com/assets/ 1 KB
1 KB 24ms
21ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/dns.service-c6ba5975.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

63a442077f326c67c8f1b9c4f3540d6ea7c3abf1859f9ec02743fe0c7e1da212

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: FY_uRpfItRZX.DN0vLgNJIziWy3GnZEL
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: W/"251c12d1510053e9412daaf72f103d51"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: PVaPivxXZYGPTtQ4HAJ1NYa0i6xuf7FZL8nFoAlkTiwPhOCkZ-sF1Q==

GET
H2 200 usePageInit-7f3c9de4.css
metrozone.newsroomlabs.com/assets/ 2 KB
1 KB 22ms
19ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/usePageInit-7f3c9de4.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7f3c9de480637ef61b17c607a53383cd2a7adc0597173a4f9719ebd1b0aa1cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: HfDJ6LirkbqZjqD2UiKzs7BzXxujlpaH
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:21 GMT
server: AmazonS3
etag: W/"e08800e2b568e3e415a2dc7cd505c8d1"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: G8xKypgaR4nikFdd2k4dnXf2t0azU_EyHvyajXzZKCRPrONW15ZKMQ==

GET
H2 200 Clickable-86319146.js Show response
metrozone.newsroomlabs.com/assets/ 12 KB
5 KB 39ms
36ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/Clickable-86319146.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2221a4b81836d8bf84712d52c6466728d7e4568ce98d025aa980d77d31b3cc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: jqDox3IHr2IO8NE0mM6KnbRDT2EKoveZ
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: W/"f37f0bd3013c31e1994fddb3432b20b8"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: 5hBrsEr3dxystFAViyWaXUsePEUl8ZT04_CVAkpPnL9M5ym1i0MeOQ==

GET
H2 200 Clickable-dd1b634d.css
metrozone.newsroomlabs.com/assets/ 288 B
856 B 24ms
21ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/Clickable-dd1b634d.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd1b634d3507b3a0427355bc92ac6a973a1b10e98a15527db0985b900b62513c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 31QAqkWYTGuu69oGPArytp_jK_1TBqbT
date: Tue, 12 Mar 2024 11:04:52 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 288
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: "971c60dcf3172b063332578410a75c9f"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: f2-ZMMThJ6bU0SfGjB69MQQjLZoU-dPYRExruFszNiIlbEweQvPMaQ==

GET
H2 200 cardsService-8c5bd622.js Show response
metrozone.newsroomlabs.com/assets/ 102 KB
26 KB 39ms
37ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/cardsService-8c5bd622.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

525b01cfa3328144f2bc6d75fd27d283645cca366babec0ee7bc9ac17d0f4900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: vy2GOK5Y7LBQFjVveNqZMb80mfEmwpBA
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: W/"b2db90297b0ed9ba3fbdd31cb8b2f883"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: sc5ChjADW97dqPo_OBmdyK44alzAKqu8WDWuW9ENPJeJXsXwdI7xcg==

GET
H2 200 cardsService-c4ffba6d.css
metrozone.newsroomlabs.com/assets/ 5 KB
2 KB 24ms
22ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/cardsService-c4ffba6d.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c4ffba6da17e0654b107030682d09fd08c27bdb875f446870e3e3a2df1ef9dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: neeZ0gWCVgrgRZkcNLiC09Hu9LZBHA_o
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: W/"1a585875e488d7ea1d7bb2379b72f9cc"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: mValbAmdSZ04KrJLdw0ddA5LOxHMjZMD5SoXz9_RwUmz4fwwWqBwbA==

GET
H2 200 GeneralArticleFeed-316e06cb.css
metrozone.newsroomlabs.com/assets/ 15 KB
3 KB 25ms
22ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/GeneralArticleFeed-316e06cb.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

316e06cbd89cfc40a70b1d2589e40e6c5c4178a081c47f107ed183ba6830a45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: wW.vmJWT4HowpzQCVoC_AdCnto4tN5v0
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:05:51 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76283
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: W/"e7e402cb7e0286f0a6417132a89ff06a"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: jwtoeDBNnTN9jN36q3IcC_DrIrTUko1JHywsRuLGl9GnTLBNiA0uRA==

GET
H2 200 OutOfPageBanner-836428c9.js Show response
metrozone.newsroomlabs.com/assets/ 607 B
1 KB 40ms
38ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/OutOfPageBanner-836428c9.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b0c4709b8d3161c18595e7b120a8411d4c1d9c54785a179d6656a13a38948964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: NJLnL32sBe..pfbqFe8z4O5pdZv5yab7
date: Tue, 12 Mar 2024 11:04:52 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 607
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: "8c0b45bc3c738f11570809535cb1048b"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: heSTwzfNaxujs-E1e-keJDjcfQleQ31G9sTE915nFIw-Yev6fJetQQ==

GET
H2 200 OutOfPageBanner-669b5c19.css
metrozone.newsroomlabs.com/assets/ 101 B
668 B 24ms
22ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/OutOfPageBanner-669b5c19.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

669b5c194e7ef49392ed930f8df70a89a06314216918df2381e585ad778aa979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: OwW7JHdQ.eqsRUo62R9IZ4gn2d.Fe_tr
date: Tue, 12 Mar 2024 11:04:52 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 101
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:19 GMT
server: AmazonS3
etag: "419687244f3a2df4336b89110948b772"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: oLQAa8v9WlrbAr1RTtKhzM-6uXXGyHFFyd5VtUxPo8X8lpUGm1bKBA==

GET
H2 200 useEventListeners-affc75d4.js Show response
metrozone.newsroomlabs.com/assets/ 5 KB
2 KB 40ms
38ms Script
application/javascript 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/useEventListeners-affc75d4.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0249d23c8dc6ec5813adfd7adc54c69ea4ba84b7152491854fab008a1886ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 6FyUnmNjfLDzSar4HNHrwHS3x2LgZ8Oe
content-encoding: br
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:04:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: W/"922a2a23a0a9712a7751eef07e91ad36"
vary: Accept-Encoding
content-type: application/javascript
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: 9kxOnVLiSThDwCYAjDBwCq767qTFAmKRFHDAZQfVJOrNQxvSh7e0uQ==

GET
H2 200 portal-fdb4c07f.css
metrozone.newsroomlabs.com/assets/ 2 KB
1 KB 40ms
39ms Stylesheet
text/css 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/portal-fdb4c07f.css

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-0ac1cd5a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdb4c07f55ff9e8be7c1dd23ef361d129a0a24a47a312c8e006cbc7a0b1ec4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: 1nE3Nc1T9xQnuBabpP2g51OWJ3YyLdYH
content-encoding: gzip
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
date: Tue, 12 Mar 2024 11:08:30 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76099
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: W/"f69d2ed97a4aff5972d4dde3f566d49c"
vary: Accept-Encoding
content-type: text/css
permissions-policy: geolocation=(), camera=(), microphone=()
x-amz-cf-id: -tkliVk4KtyfdRUx3pIA_M90scbO1whROUwioGztonXSEDnlMK9phA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 60ms
19ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:45:02 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 27107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: zLmURaMA9r4D_6YkPSpZxx645GBH9eWey__A9DbiMLP-lV2bWa2Rhw==

GET
H2 200 x-button-fd7d4b68.svg
metrozone.newsroomlabs.com/assets/ 200 B
774 B 20ms
20ms Image
image/svg+xml 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrozone.newsroomlabs.com/assets/x-button-fd7d4b68.svg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-e38b04c5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7e07a70eac30fe0f3576e82610fbb17a8341d8e24c8fcf7bf9deac39228dbf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: _DpMABjddMOW_0OJcDugtwJniTIZE56J
date: Tue, 12 Mar 2024 11:09:05 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76064
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 200
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:21 GMT
server: AmazonS3
etag: "2e0c8dbc37edab2f1d6b43f672925f34"
vary: Accept-Encoding
content-type: image/svg+xml
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: 6RfHoq4WgBcx_E7x0CT3Rve5I3FPwXOUkyn65EZ9PN9oEYOMsHC5sg==

GET
H2 200 gotha_pro_med-3d6693cb.otf
metrozone.newsroomlabs.com/assets/ 46 KB
47 KB 19ms
18ms Font
binary/octet-stream 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/assets/gotha_pro_med-3d6693cb.otf

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/index-e38b04c5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: xHg1p1OqUkKJM_1Vd__7gmMSOT1GndEz
date: Tue, 12 Mar 2024 11:04:53 GMT
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA60-P10
age: 76324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 47044
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 11 Mar 2024 11:04:20 GMT
server: AmazonS3
etag: "dd3d9ca53a246950706e94726bb1403e"
vary: Accept-Encoding
content-type: binary/octet-stream
permissions-policy: geolocation=(), camera=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: TJStDT5Z25eapCNhxMBgOMEYcMeWGzsvcizoZI5eHcO8GGKKQeD-FA==

GET
H2 200 portal Show response
metrozone.newsroomlabs.com/api/spa/configs/ 9 KB
4 KB 186ms
185ms XHR
application/json 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/api/spa/configs/portal?auid=45b396f4-e042-46c5-acf8-0764715dad88&abt=867&lang=en

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

95554499208d8d1437d11101adbbf85c4f3c732c8671017cda711c6141fc81a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-envoy-decorator-operation: news-content-root-production-tmobile.bears.svc.cluster.local:80/*
x-permitted-cross-domain-policies: none
content-encoding: br
x-amz-cf-pop: FRA60-P10
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-envoy-upstream-service-time: 17
critical-ch: Sec-CH-Prefers-Color-Scheme
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
accept-ch: Sec-CH-Prefers-Color-Scheme
cross-origin-opener-policy: same-origin
etag: W/"24c3-Z8mmZtMfMJUIISAtjxp2mRgPF2U"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-aura-correlation-id: d88a289b-27a5-47da-81c6-00836b8ef653
cache-control: public, max-age=1800
x-amz-cf-id: Y9zKm06dB8_LdUgNSM8RKMzJLIyneraCHs85BVvR2j2KAgOCKRPJKA==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 91ms
21ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 03 Mar 2024 21:31:22 GMT
content-encoding: gzip
age: 816326
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 03 Mar 2025 21:31:22 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 125ms
37ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Feb 2024 07:13:11 GMT
server: nginx
etag: W/"65dd8b87-a5db"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 08:16:48 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 374ms
133ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=04222259927082752285712002106019037186401207010422712621229003622127&nc=0&tsf=0&tsfmi=&pv=0&cb=1710317808868&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2276871191&at=&bid=e30%3D&di=W1siZWYiLDYwNThdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NSxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjEwNDk4%0D%0AMjI4MDAsXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjUsZUFIV1gxL2YzcXpDdmJrdXltUXdnbElhRjNwRXNSRUVUcG9W%0D%0AZEZWQlFRcFJjUkJGU0tJSWdpUklyMEtoSlJxcFNBdENBa1FIcEl6eWJiWHBtWnIvNS9kOTZiemN1%0D%0AU0FQSi9HdCJdLFstMywiW1wiaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBh%0D%0AZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0s%0D%0AWy01LCItIl0sWy02LCItIl0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFst%0D%0AMTEsIntcInRcIjpcIlwiLFwibVwiOltdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwi%0D%0Ae1wib1wiOjB9Il0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCIxMiJdLFstMTgsIlswLDAsMCwx%0D%0AXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAs%0D%0AMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIx%0D%0ALCJUTjNzTmRXdCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxb%0D%0ALTI1LCItIl0sWy0yNiwie1widGpoc1wiOjIzMTAwMDAwLFwidWpoc1wiOjE5MzAwMDAwLFwiamhz%0D%0AbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOS45LDAsXCI0Z1wiLG51bGxdIl0sWy0yOCwiZW4t%0D%0AVVMsZW4iXSxbLTI5LCJ7XCJ2XCI6WzIsMiwyLDIsMCwwLDAsMCwwLDIsMCwyLDAsMCwyLDIsMiwy%0D%0ALDBdfSJdLFstMzAsIltcInZcIiwwXSJdLFstMzEsImZhbHNlIl0sWy0zMiwiLSJdLFstMzMsIi0i%0D%0AXSxbLTM0LCItIl0sWy0zNSwiWzE3MTAzMTc4MDg4NDgsLTFdIl0sWy0zNiwiW1wiNC8zXCIsXCI0%0D%0ALzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDcwLDAsMSwwLDAsMzks%0D%0AMTksMjQsMCw1NTEuNiw1NTEuNiw2MjgsNjI5Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiw0LFwiR2Vj%0D%0Aa29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxs%0D%0ALDNdIl0sWy00MCwiMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAw%0D%0AMDAxMDEwMDAwMDEwMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIw%0D%0AIl0sWy00NywiRXVyb3BlL0Jlcmxpbixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxb%0D%0ALTQ5LCItIl0sWyJibmNoIiw1M11d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A0%2C%22y%22%3A0%2C%22w%22%3A1600%2C%22h%22%3A1125%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=DYwPzs0VbK&sdd=%7B%7D&pto=650
Requested by: Host: rock.defybrick.com
URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4126f945551b69971aaf3f22669e5353891f0e92f4025ee140b14ba6c13656c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Wed, 13 Mar 2024 08:16:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1839
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1

85 B
194 B

133ms
132ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 248784887beb23f2068b5be2544c7fe1c45899ea81afe0cd2dd721309a8a6068

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-PqHWzt/GlLIJfHYDOkDaWiDgndI"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://metrozone.newsroomlabs.com
location: /esp?url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4CCF 14 KB
6 KB 112ms
37ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=metrozone.newsroomlabs.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:16:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 446477
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 portal Show response
metrozone.newsroomlabs.com/api/spa/ 38 KB
16 KB 226ms
226ms XHR
application/json 2600:9000:2359:ce00:8:787e:6600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrozone.newsroomlabs.com/api/spa/portal?market=en-us&topics=politics,trending,latest,local,breaking,entertainment,world,finance,technology,science,sports,health,culture,lifestyle,music,autos,gaming,travel,environment,business,food_dining,parenting,pets,fitness,gardening,architecture,beauty,fun&entryPoint=portal&useOnlineRanking=false&webEnableHeadlines=true&rp=eyJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIn0=&rankingVersion=v1

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2359:ce00:8:787e:6600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a39628d1ee3071b6e80cca462901f141cabc1cba4be6138459fc1d21f4b9b85d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-envoy-decorator-operation: news-content-root-production-tmobile.bears.svc.cluster.local:80/*
x-permitted-cross-domain-policies: none
content-encoding: br
x-amz-cf-pop: FRA60-P10
x-dns-prefetch-control: on
x-cache: Miss from cloudfront
via: 1.1 2809edb23da5b1de8a640a251efb8608.cloudfront.net (CloudFront)
x-envoy-upstream-service-time: 60
cross-origin-resource-policy: same-origin
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"983e-kCh0H6qLB//qLJTGFR85h70xIks"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
origin-agent-cluster: ?1
x-download-options: noopen
x-aura-correlation-id: 660baef0-682c-4610-aa0d-90d80bc6e1d1
cache-control: public, max-age=900
x-amz-cf-id: rT6azuj3qGh9JJBCYyIi9f9P7tqidBo05INRya95Mfsw9PrVgus18g==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4CCF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=newsroomlabs.com&sn=ChromeSyncframe&so=0&topUrl=metrozone.newsroomlabs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=eMoywXwxSzIvTFlxcVhPZ0lnSTlvT3UxYU0rUUVRVGEvU2hlZDZWQk8xYVFvSGNDZEl0MkFMSEkxbThJaVZMZnJYQ3h6VWxqZDlpbHVGZTVJT3VlUExuU1Z5ZnJPME9OY09KZjZvUS9EdHdXSmxZZFVSQ2JZS2lZY0tEUl...

468 B
679 B

61ms
35ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eMoywXwxSzIvTFlxcVhPZ0lnSTlvT3UxYU0rUUVRVGEvU2hlZDZWQk8xYVFvSGNDZEl0MkFMSEkxbThJaVZMZnJYQ3h6VWxqZDlpbHVGZTVJT3VlUExuU1Z5ZnJPME9OY09KZjZvUS9EdHdXSmxZZFVSQ2JZS2lZY0tEUlpKZTBqeFUzcWJBdmpDTzVzYU1ZS2RzenRuNHRaVlFqVHljVkZheHMzWkh0R0tqMXh4RHg0R2IxVmpzUXBqZVl4WFJjeDlaTVh1bDRXcjNZcUF6bkFNbm0yQXowbmk3YTFnbFhmQU5lRjkwOVptOHhQc2NWeXI4MXZjdkg3NFI2dFFkcmFUcWMvZXhIdjZHYWU2WTBUZkJ1bGZLcXBLMDh1SjJzWWpleG9YTTlPclRwNUF5cz18&cppv=2

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7a95f3fadf0ff141457f7906971b6f69517ad89e4026a99cbe8aed26d7968058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1414234
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=eMoywXwxSzIvTFlxcVhPZ0lnSTlvT3UxYU0rUUVRVGEvU2hlZDZWQk8xYVFvSGNDZEl0MkFMSEkxbThJaVZMZnJYQ3h6VWxqZDlpbHVGZTVJT3VlUExuU1Z5ZnJPME9OY09KZjZvUS9EdHdXSmxZZFVSQ2JZS2lZY0tEUlpKZTBqeFUzcWJBdmpDTzVzYU1ZS2RzenRuNHRaVlFqVHljVkZheHMzWkh0R0tqMXh4RHg0R2IxVmpzUXBqZVl4WFJjeDlaTVh1bDRXcjNZcUF6bkFNbm0yQXowbmk3YTFnbFhmQU5lRjkwOVptOHhQc2NWeXI4MXZjdkg3NFI2dFFkcmFUcWMvZXhIdjZHYWU2WTBUZkJ1bGZLcXBLMDh1SjJzWWpleG9YTTlPclRwNUF5cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 378168
content-length: 0
expires: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 460ms
110ms XHR
application/json 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1710317809212&sessionId=560bd87e-4618-430f-7cc5-af4e2b3d402a&url=metrozone.newsroomlabs.com&cheqSource=1&cheqEvent=0&exitReason=3

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 08:16:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: fb6936b9e88c8fb3a25ae769cb2e30c2
Content-Length: 4
Expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 9A21 199 B
298 B 92ms
28ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 13 Mar 2024 08:16:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
444 B 439ms
109ms XHR
application/json 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1710317809248&sessionId=560bd87e-4618-430f-7cc5-af4e2b3d402a&url=metrozone.newsroomlabs.com&cheqSource=1&cheqEvent=2&responseTime=536

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 08:16:49 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 18b253cf26e1b644a317f63132834c76
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 112ms
112ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00126beec434ed4f8a949225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d75062f578afe6d6e1474fbf4d8fbd3aea25dd61c45085052aae2d05f91e46042cc95b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82e1a08f77f69aa96157aefd9fa64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0e0fa87efe34c79a228e4eaf97d0535e9d73199b414e714400082080b8484d3ce81b2c527df21d6deedc85ec54d5814aa5f0ddb95961426d7bc72ad57b0c918972dae2b121b04cb6ce9098fc3aa29e38069924aa7c19ccc7780191c2df2590243735173cbab2fb842c1dd9729a8916bfe903d9683e4f130cffea759613ed0ba1004cbb00a4b0ff8acba6fa43a9bf64eadbc3cb817a9319552c809dea83cc60624f8b3936438237d0022084014a8e7906fd10bab584f402be4a949df990411f8b8dba6a16fc4edf8e180f8aded564e3cfb4786aa586e83436507d6635d716fea66ae7619c2e8dd628a60d72397b62dcdb80d9f670e2120027b0f81c1e4db3c7c499b184595dbc5a6b1ca530596acbc7d96cc7367c5d3123c6af98dd85621b42699429e1ae33c9a0edac813fbb82eff9a88d29b457eeee03b67846abb8cb0ab129a70351605906f5f4db0a35f8beb08cb999bcd54d19a86330e3247d321b956b85fa0f51c842e517353307c63f31fdf933951a57d83f2b7738c8d3ed3312deb48227b8de295481fbb6de7cd50c80d314d&cb=1710317809248&cri=DYwPzs0VbK
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Wed, 13 Mar 2024 08:16:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 188ms
133ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJwb3J0YWwgb3B0IGluIG5vdGlmaWNhdGlvbiBzdGF0dXMiLCJldmVudF9pZCI6IjMyOTI5ZTRjLTc2Y2MtNDdiNi1iYTBjLTkwMGFmZjJkM2UzZiIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0MDAsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40MDA0MDAiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwic2Vzc2lvbl9kdXJhdGlvbiI6MCwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsImV2ZW50X2xhYmVsIjoidW5zZWxlY3RlZCJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: bIDc_Vl9pbxeMDHxA4bD9zGr2AY1k-zXjUlqHdDc0_-05bpu5xJuAQ==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
330 B 355ms
301ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJmb3IgeW91IHNjcmVlbiBzaG93biIsImV2ZW50X2lkIjoiNzdiZDE1ODItZDVjZi00YmFiLThkMTgtMjY5NGJlZTA5MzRhIiwiZXZlbnRfY291bnRlciI6MTcxMDMxNzgwOTQwMiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyNC0wMy0xMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDI0LTAzLTEzIDA5OjE2OjQ5LjQwMjQwMiIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjkiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDkwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6ImNmMGEwMDhkLWQ5MDEtNGJlNS1hMDhjLTRhZmM2M2FhOGI0OCIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6ImY5NmJjZTJlLWQxNDItNGRjMS04MmQwLTg5OGEzZmI4NWNkNCIsInN0cmF0ZWd5X2lkIjoyLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6MCwiZmFsbGJhY2tfbW9kZWxfaWQiOiJub25lIiwidHJhaW5pbmdfcnVuX2lkIjoibm9uZSIsImVuZ2FnZWRfZXZlbnRfc2Vzc2lvbl9kdXJhdGlvbiI6MCwic2Vzc2lvbl9kdXJhdGlvbiI6MCwiYXVyYV91c2VyX2lkIjoiNDViMzk2ZjQtZTA0Mi00NmM1LWFjZjgtMDc2NDcxNWRhZDg4IiwidXNlcl9hYl90ZXN0X2lkIjoiODY3IiwiYnJhbmQiOiJ0LW1vYmlsZSIsImN1c3RvbWVyIjoibWV0cm8iLCJsb2NhbGUiOiJlbi1VUyIsImRldmljZV9sYW5ndWFnZSI6ImVuIiwiZXhwZXJpZW5jZSI6InBvcnRhbCIsIm9wZXJhdGluZ19zeXN0ZW0iOiJXaW5kb3dzIiwib3BlcmF0aW5nX3N5c3RlbV92ZXJzaW9uIjoiMTAiLCJiYWNrZW5kX3ZlcnNpb25fbmFtZSI6IjMuMy4xIiwiY29uZmlnX3BhcmFtcyI6ImxpbWl0ZWRfYWRzLWZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: 5vKoL15FnQeNQMplg2vmNJS6u3k3LYLvA-tpHW3Ump0aJtqJnmafqA==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 338ms
293ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJwb3J0YWwgLSBzZXNzaW9uIHN0YXJ0IiwiZXZlbnRfaWQiOiJhZTJjNGU1My1iZGZkLTQyNWMtOTgzMS1mMzk5ZThjNDc2ZTUiLCJldmVudF9jb3VudGVyIjoxNzEwMzE3ODA5NDExLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuMTExIFNhZmFyaS81MzcuMzYiLCJlbmdhZ2VkX2luX2FwcF9ldmVudF9mbGFnIjowLCJpbl9hcHBfZXZlbnRfZmxhZyI6MCwiY2xpZW50X2RhdGUiOiIyMDI0LTAzLTEzIiwiY2xpZW50X3RpbWVzdGFtcCI6IjIwMjQtMDMtMTMgMDk6MTY6NDkuNDExNDExIiwic2NyZWVuX25hbWUiOiJmb3IgeW91IiwiZXZlbnRfY2F0ZWdvcnkiOiJwb3J0YWwgcHJvZHVjdCBmdW5uZWwiLCJmcm9udGVuZF92ZXJzaW9uX25hbWUiOiIxLjEuOSIsInJlcG9ydF90eXBlIjoid2ViIC0gY3NyIiwiZnJvbnRlbmRfdmVyc2lvbl9jb2RlIjoxMDEwOTAsImVudHJ5X3BvaW50IjoicG9ydGFsIiwic2Vzc2lvbl9jb3VudGVyIjoxLCJzZXNzaW9uX2lkIjoiY2YwYTAwOGQtZDkwMS00YmU1LWEwOGMtNGFmYzYzYWE4YjQ4IiwidGFiX25hbWUiOiJ0cmVuZGluZyIsImVudHJ5X3BvaW50X21vZGVsX2lkIjoiMzMiLCJtb2RlbF9pZCI6IjMzIiwiaXRlcmF0aW9uX2lkIjoiZjk2YmNlMmUtZDE0Mi00ZGMxLTgyZDAtODk4YTNmYjg1Y2Q0Iiwic3RyYXRlZ3lfaWQiOjIsIm5vbl9wZXJzb25hbGl6ZWRfZmlyc3RfaW5kZXgiOiJub25lIiwicmFua2luZ190eXBlIjowLCJmYWxsYmFja19tb2RlbF9pZCI6Im5vbmUiLCJ0cmFpbmluZ19ydW5faWQiOiJub25lIiwiZW5nYWdlZF9ldmVudF9zZXNzaW9uX2R1cmF0aW9uIjowLCJzZXNzaW9uX2R1cmF0aW9uIjowLCJhdXJhX3VzZXJfaWQiOiI0NWIzOTZmNC1lMDQyLTQ2YzUtYWNmOC0wNzY0NzE1ZGFkODgiLCJ1c2VyX2FiX3Rlc3RfaWQiOiI4NjciLCJicmFuZCI6InQtbW9iaWxlIiwiY3VzdG9tZXIiOiJtZXRybyIsImxvY2FsZSI6ImVuLVVTIiwiZGV2aWNlX2xhbmd1YWdlIjoiZW4iLCJleHBlcmllbmNlIjoicG9ydGFsIiwib3BlcmF0aW5nX3N5c3RlbSI6IldpbmRvd3MiLCJvcGVyYXRpbmdfc3lzdGVtX3ZlcnNpb24iOiIxMCIsImJhY2tlbmRfdmVyc2lvbl9uYW1lIjoiMy4zLjEiLCJlbnRyeV9maW5pc2hfZXZlbnRfZmxhZyI6InN0YXJ0In19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: kmxuItdTxqEUJdOOUPyuSAFYmElb4AI-LwHMVgM6epkRn0mv-T-VqA==

GET
H2 200 platforms Show response
mv.outbrain.com/Multivac/api/ 5 KB
3 KB 191ms
131ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/platforms?contentUrl=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&idx=0&rand=61728&app_ver=3.3.1&widgetJSId=MB_12&va=true&et=true&format=html&app_id=com.metropcs.metrozone&clss=pmg7AgcP9Oiz5aUbaKzjyuNp%2FTn6rFmXwYnQa1E9sunTyiGQLoc2Vrz4bB%2B8E5HvbRy3rackzIijTzkVzXQ%2FzA%3D%3D&extid=w%3DPT_MID%2Cac%3Dmetro%2Cdmo%3D%2Cep%3Dportal%2Ccv%3D%2Cabt%3D&extid2=cp%3D%2Ccps%3D%2Cmid%3D33%2Cla%3Den%2Clo%3Den-us%2Cfvn%3D1.1.9&px=12&py=647&vpd=0&cw=1576&settings=true&recs=true&key=IRONS2K1OLEJM4GB4HGIQAFE9&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&psub=www.metropcs.mobi&version=2010700&sig=TN3sNdWt&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecf87714b1104759439fae043deddf44f536e33195752e242f8115c8f30cf480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Wed, 13 Mar 2024 08:16:49 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1710317810.518350,VS0,VE112
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: eb39284b3aee1e781793d92300b2cf22
accept-ranges: bytes
content-length: 2609
x-served-by: cache-lga13624-LGA, cache-fra-eddf8230119-FRA

GET
H2 200 eyJpdSI6ImI1NGMwMDJlNGMzNGM3YzNmMzhjYTk1MTUwMWEyNDkzNGRhMGM0YTk5MWJmMjgxOGIzMGY3M2M1MGQxZGE2NGMiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/ 5 KB
6 KB 93ms
24ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI1NGMwMDJlNGMzNGM3YzNmMzhjYTk1MTUwMWEyNDkzNGRhMGM0YTk5MWJmMjgxOGIzMGY3M2M1MGQxZGE2NGMiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0df16d028898985f58f84697f5f9c9f485c6ba493763f3389482b5e8e524520b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 14:23:33 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 64396
x-cache: Hit from cloudfront
content-length: 5324
x-request-id: 56150fed40d05431a11b027818c3c643
last-modified: Tue, 12 Mar 2024 13:00:57 GMT
server: Cloudinary
etag: "37acc7a9fd92c40e38373ed3c68bb03e"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: K_0tA3U14LQBXb3AqXqAsJYufpwyyl_r4o4pA65j9_SqhvPN52o6Gg==

GET
H2 200 img_3266.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://parade.com/.image/c_fit%2Ch_800%2Cw_1200/MjA0OTcyOTk4MDI3OTEyODM2/ 6 KB
7 KB 93ms
24ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://parade.com/.image/c_fit%2Ch_800%2Cw_1200/MjA0OTcyOTk4MDI3OTEyODM2/img_3266.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f35b5162d80d8118257c8076aa3316285c3efb8aa7f580aafdf8563ab9d51383

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:36:48 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 42001
x-cache: Hit from cloudfront
content-length: 6260
x-request-id: 274dbdfca4d7c40f419850ba42b4a3b1
last-modified: Tue, 12 Mar 2024 19:45:10 GMT
server: Cloudinary
etag: "4c05e001bbddf6d7e2ffb3b2ac81cd24"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: wJKefes4Q2d7MUNmsLTokNUQnkYyyYefV7kLGcmCnwQvBOqTnlXcMQ==

GET
H2 200 eyJpdSI6ImVjNzVhMTY3ZjlkMjczMzBhMGNmOTk2OWJlMDE5ODBmOGVhNTkzNGY4OTAxMTlhM2ZjNmU3ZmFmMmE5Y2QzN2EiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/ 7 KB
8 KB 104ms
36ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNzVhMTY3ZjlkMjczMzBhMGNmOTk2OWJlMDE5ODBmOGVhNTkzNGY4OTAxMTlhM2ZjNmU3ZmFmMmE5Y2QzN2EiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

dac1f312f1ea2c3ea6fcc90ede0317083a4c59be18a244eca869fc9d037f420f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 03:28:26 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 17303
x-cache: Hit from cloudfront
content-length: 7264
x-request-id: 537cba62719c128ff16acb4fd85622f8
last-modified: Wed, 13 Mar 2024 01:30:47 GMT
server: Cloudinary
etag: "b5b347c114498dc1e40fcf361d6a37bd"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5xz_IXszU6awUFYlCDtbpOMMlUnVCHKpqpSb0iaXE7cdIdh3jiviVA==

GET
H2 200 brain_scans_1355016555.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://media2.salon.com/2023/05/ 19 KB
19 KB 111ms
42ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://media2.salon.com/2023/05/brain_scans_1355016555.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1ab08df8c5b37463544b248ea9a17055b7056368d62fca8a10cfd24bb8e6aad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 15:10:31 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 61578
x-cache: Hit from cloudfront
content-length: 19351
last-modified: Tue, 12 Mar 2024 14:50:31 GMT
server: Cloudinary
etag: "f4000d258ce8abd4342ed835efa084cd"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2HC5CN9abe7Eu0JDWv56Uf-PRaQjeBZwCF8lQOoJpcMZ3C56iQXmrQ==

GET
H2 200 ice-spice-oscars-vanity-fair-2024-billboard-1548.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://www.billboard.com/wp-content/uploads/2024/03/ 7 KB
8 KB 91ms
23ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://www.billboard.com/wp-content/uploads/2024/03/ice-spice-oscars-vanity-fair-2024-billboard-1548.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ecd6e21eb20a0e1f017f20f36648190d6c7f6a09f833753be13d4c693a420da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:27:32 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 42557
x-cache: Hit from cloudfront
content-length: 7672
x-request-id: 5303b8d8588070b591e9b32dd4f6812c
last-modified: Tue, 12 Mar 2024 19:00:40 GMT
server: Cloudinary
etag: "bb591c6bc902e410fb2ca29014fb18a0"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sN5HaR5d4VrIGbvtW0HP1b6_q6V_jUyFsDc4SUyUOHbGNbcL4sMbTw==

GET
H2 200 eyJpdSI6ImEyZTA0ODZhOGNkOWM0NGU1M2ZhOWIyNGM2N2I2MGM1OGU4YjJkYjczOGQzODI4OTc0NzIxMzI0YTZmN2Q5ZTEiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/ 6 KB
7 KB 91ms
23ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/eyJpdSI6ImEyZTA0ODZhOGNkOWM0NGU1M2ZhOWIyNGM2N2I2MGM1OGU4YjJkYjczOGQzODI4OTc0NzIxMzI0YTZmN2Q5ZTEiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d20c4f63b10de80373fddffea89d5b43ecbb834f9f82f6607e5e74000e018b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 03:21:27 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 17722
x-cache: Hit from cloudfront
content-length: 6579
x-request-id: 43e25778cb611b1858a58e42fb98c49e
last-modified: Wed, 13 Mar 2024 02:45:42 GMT
server: Cloudinary
etag: "a2c14d763348be963beb89e2910c55dd"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GPg7147Y-gP6ELg6puYKbKYBH3O77hVuc-A3ZP97rpe6m0HSZW2jWg==

GET
H2 200 eyJpdSI6IjdiYTExNWFiN2RhYzEyYTEyNTJkMDMwMjNhNDA3M2U0MTA2MWUyMDU0MjdiZmM0YTA2MDYzMzMwZTNiOTIyN2YiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/ 8 KB
8 KB 21ms
21ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdiYTExNWFiN2RhYzEyYTEyNTJkMDMwMjNhNDA3M2U0MTA2MWUyMDU0MjdiZmM0YTA2MDYzMzMwZTNiOTIyN2YiLCJ3IjozOTAsImgiOjI1NiwiZCI6MS41LCJjcyI6MCwiZiI6MH0.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

03bf62c25af0745def54bf068bf16a29608f6d7aafbb89092968405450263211

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 00:44:10 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 113559
x-cache: Hit from cloudfront
content-length: 7813
x-request-id: 2cdc6b9136720808b3f0eebc91db5a82
last-modified: Mon, 11 Mar 2024 19:16:10 GMT
server: Cloudinary
etag: "6cd8a3785b5f945ff7e1c4a3fe0ac151"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: S-OjE8v4yTdxDnVKEruDb1gS1rEWZVZBITtIUPrJAUYscZ15mKWDig==

GET
H2 200 Sharon-Stone-Billy-Baldwin-Sliver.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://www.rollingstone.com/wp-content/uploads/2024/03/ 8 KB
9 KB 23ms
23ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://www.rollingstone.com/wp-content/uploads/2024/03/Sharon-Stone-Billy-Baldwin-Sliver.jpg

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

67f4e9f61bbe8ecd0002f913c8ffb29a9f2f91ea18633fd0330adb8abb25c98a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 06:10:28 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 7581
x-cache: Hit from cloudfront
content-length: 8230
last-modified: Wed, 13 Mar 2024 02:44:01 GMT
server: Cloudinary
etag: "0595702b8e02247819560432e83ce262"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WcVjsSW4vuIZwpY0fZ5RcNZ4NWdhIfo_6OmUoC9w3yd_rZDerwYFug==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 118ms
117ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjgzOGY5YTNiLTMzOGMtNDlhZi04NGZhLTdiNGYxNjFkNTIyYyIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0NzQsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40NzQ0NzQiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzMzNjUwLCJpdGVtX2hlYWRlciI6IlBlbm5zeWx2YW5pYSBtYW4gYWNjdXNlZCBvZiBza2lubmluZyBraXR0ZW4ncyBmYWNlICdkb3duIHRvIHRoZSBib25lJyBjbGFpbWVkIGl0IHdhcyBhIGphZ3Vhcjogb2ZmaWNpYWxzIiwiaXRlbV9uYW1lIjoiYXJ0aWNsZSIsIml0ZW1fdW5pdCI6InNtYWxsIiwidG9waWNfaWQiOiJwZXRzIiwiY29udGVudF9wcm92aWRlciI6Im91dGJyYWluIiwiY29udGVudF9wcm92aWRlcl9zb3VyY2UiOiJmb3hfbmV3cyIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDI0LTAzLTEyVDA4OjQ1OjAwLjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwicG9zaXRpb25faW5fZmVlZCI6MSwiaXRlbV91cmwiOiJodHRwczovL21ldHJvem9uZS5uZXdzcm9vbWxhYnMuY29tL2FydGljbGUtaW50cm8vMTc3MzM2NTAiLCJhcnRpY2xlX3JhbmsiOjEsImV2ZW50X3ZhbHVlIjoiRmVlZGJhY2sgTWVudTogZmFsc2UifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: -1xirjlPPRKUmpLVIMuhLzTIJNIBd4mUGoW4o7NtsiEbzCGI-B5HFA==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 120ms
120ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjM1NTQ4MGIzLWMyMTAtNDdhOC1hNjAyLTRmYThkNjQyZDcyZCIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0NzYsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40NzY0NzYiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM2MzY1LCJpdGVtX2hlYWRlciI6IkxlYWggU21pdGgsIFRpay1Ub2sgSW5mbHVlbmNlciwgRGVhZCBhdCAyMiIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoibGlmZXN0eWxlIiwiY29udGVudF9wcm92aWRlciI6InRoZWFyZW5hZ3JvdXAiLCJjb250ZW50X3Byb3ZpZGVyX3NvdXJjZSI6InBhcmFkZV9jb20iLCJpdGVtX3B1Ymxpc2hlZF9kYXRlIjoiMjAyNC0wMy0xMlQxOToyNzoyNi4wMDBaIiwiaXRlbV90eXBlIjoicHJldmlldyIsIml0ZW1fZm9ybWF0IjoicHJldmlldyIsInBvc2l0aW9uX2luX2ZlZWQiOjIsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3NzM2MzY1IiwiYXJ0aWNsZV9yYW5rIjoyLCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: bo9AFtpUFKClYr9rjDWaOIXCtLGGkV4ccys8aw4xIzsxfE0vvrklBg==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 117ms
117ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6Ijg3NjhlYWQ3LTI0ZDgtNDAwOC1hMmI4LThlYWFkYmM4YjBmNyIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0NzgsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40Nzg0NzgiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM3OTA0LCJpdGVtX2hlYWRlciI6Ik15IGdpcmxmcmllbmQgZHVtcGVkIG1lICBJIGdvdCByZXZlbmdlIGJ5IGxvc2luZyAxNDEgcG91bmRzIG9uIG15IG93biIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoicGFyZW50aW5nIiwiY29udGVudF9wcm92aWRlciI6Im91dGJyYWluIiwiY29udGVudF9wcm92aWRlcl9zb3VyY2UiOiJueV9wb3N0IiwiaXRlbV9wdWJsaXNoZWRfZGF0ZSI6IjIwMjQtMDMtMTJUMjE6MTE6MDAuMDAwWiIsIml0ZW1fdHlwZSI6InByZXZpZXciLCJpdGVtX2Zvcm1hdCI6InByZXZpZXciLCJwb3NpdGlvbl9pbl9mZWVkIjo0LCJpdGVtX3VybCI6Imh0dHBzOi8vbWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vYXJ0aWNsZS1pbnRyby8xNzczNzkwNCIsImFydGljbGVfcmFuayI6MywiZXZlbnRfdmFsdWUiOiJGZWVkYmFjayBNZW51OiBmYWxzZSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: ETBCMXrYXLqvN5logc6kgeXSkn-J0XOGLRNpeLkbOW0KaeAJUd2v4w==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 297ms
296ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6Ijg5YTY2MWNlLTlkNjEtNDVkYi04ZDg3LWY0Yjg0ZWQ0MTVhNCIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0ODEsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40ODE0ODEiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM0MTA4LCJpdGVtX2hlYWRlciI6Ik1vdW50aW5nIHJlc2VhcmNoIHNob3dzIHRoYXQgQ09WSUQtMTkgbGVhdmVzIGl0cyBtYXJrIG9uIHRoZSBicmFpbiIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoic2NpZW5jZSIsImNvbnRlbnRfcHJvdmlkZXIiOiJzYWxvbiIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoic2Fsb24iLCJpdGVtX3B1Ymxpc2hlZF9kYXRlIjoiMjAyNC0wMy0xMlQxNDoxOToyMC4wMDBaIiwiaXRlbV90eXBlIjoicHJldmlldyIsIml0ZW1fZm9ybWF0IjoicHJldmlldyIsInBvc2l0aW9uX2luX2ZlZWQiOjUsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3NzM0MTA4IiwiYXJ0aWNsZV9yYW5rIjo0LCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: bVdvPpTpFq4EA1ygsfgZNCanKoq_wv9KTZdXBiPHWWKt0ZYOJ-HYFA==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 298ms
297ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6ImY2NDI2M2U5LWY3MDUtNDZkMC05ZDI0LTRhNjc0ZWNhNGNmMiIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0ODMsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40ODM0ODMiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM2MTA1LCJpdGVtX2hlYWRlciI6IkljZSBTcGljZSBGaXJlcyBCYWNrIGF0IENyaXRpY3Mgb2YgSGVyIE9zY2FycyBBZnRlcnBhcnR5RHJlc3MiLCJpdGVtX25hbWUiOiJhcnRpY2xlIiwiaXRlbV91bml0Ijoic21hbGwiLCJ0b3BpY19pZCI6Im11c2ljIiwiY29udGVudF9wcm92aWRlciI6InBtYyIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoiYmlsbGJvYXJkIiwiaXRlbV9wdWJsaXNoZWRfZGF0ZSI6IjIwMjQtMDMtMTJUMTg6NTE6MjkuMDAwWiIsIml0ZW1fdHlwZSI6InByZXZpZXciLCJpdGVtX2Zvcm1hdCI6InByZXZpZXciLCJwb3NpdGlvbl9pbl9mZWVkIjo2LCJpdGVtX3VybCI6Imh0dHBzOi8vbWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vYXJ0aWNsZS1pbnRyby8xNzczNjEwNSIsImFydGljbGVfcmFuayI6NSwiZXZlbnRfdmFsdWUiOiJGZWVkYmFjayBNZW51OiBmYWxzZSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: 2JfXB3xK6Ec6JqIbKDskds43XsLf0mtbeYqPVNLHbj-tuAJH6DsgUA==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 294ms
294ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjllMWI5MmFmLTVkY2EtNDZmNC1iY2MxLWZjZGE1ZjUwYTIyOSIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0ODUsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40ODU0ODUiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM4MDU2LCJpdGVtX2hlYWRlciI6IkZvdXIgcGVvcGxlIGNhdWdodCBydW5uaW5nIGxhcmdlLXNjYWxlIG1hcnJpYWdlIHNjYW0gdG8gZ2V0IGdyZWVuIGNhcmRzIGZvciA2MDAgbWlncmFudHM6IERPSiIsIml0ZW1fbmFtZSI6ImFydGljbGUiLCJpdGVtX3VuaXQiOiJzbWFsbCIsInRvcGljX2lkIjoicG9saXRpY3MiLCJjb250ZW50X3Byb3ZpZGVyIjoib3V0YnJhaW4iLCJjb250ZW50X3Byb3ZpZGVyX3NvdXJjZSI6ImZveF9uZXdzIiwiaXRlbV9wdWJsaXNoZWRfZGF0ZSI6IjIwMjQtMDMtMTJUMjE6MDY6MDAuMDAwWiIsIml0ZW1fdHlwZSI6InByZXZpZXciLCJpdGVtX2Zvcm1hdCI6InByZXZpZXciLCJwb3NpdGlvbl9pbl9mZWVkIjo4LCJpdGVtX3VybCI6Imh0dHBzOi8vbWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vYXJ0aWNsZS1pbnRyby8xNzczODA1NiIsImFydGljbGVfcmFuayI6NiwiZXZlbnRfdmFsdWUiOiJGZWVkYmFjayBNZW51OiBmYWxzZSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: 5BwSWPMMf5fJVRh-YAAoXaJwRT91-5KJe5Z-yuvb-7dz13S5N1jmNg==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
332 B 116ms
116ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6ImFlNWNiYWQ3LWIyMDMtNDFhMi05YTUwLThiNmJlNTgyNGM0NCIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0ODcsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40ODc0ODciLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzMxNzE0LCJpdGVtX2hlYWRlciI6IkthdGUgQmVja2luc2FsZSBhbm5vdW5jZXMgaG9zcGl0YWxpemF0aW9uLCBwb3N0cyB0ZWFyZnVsIHBpY3MgZnJvbSBiZWQiLCJpdGVtX25hbWUiOiJhcnRpY2xlIiwiaXRlbV91bml0Ijoic21hbGwiLCJ0b3BpY19pZCI6ImhlYWx0aCIsImNvbnRlbnRfcHJvdmlkZXIiOiJvdXRicmFpbiIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoicGFnZV9zaXgiLCJpdGVtX3B1Ymxpc2hlZF9kYXRlIjoiMjAyNC0wMy0xMVQxNDo1NzowMC4wMDBaIiwiaXRlbV90eXBlIjoicHJldmlldyIsIml0ZW1fZm9ybWF0IjoicHJldmlldyIsInBvc2l0aW9uX2luX2ZlZWQiOjksIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3NzMxNzE0IiwiYXJ0aWNsZV9yYW5rIjo3LCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: XYKY3QS3Fc_mjr1q__6VNKDfGmXXEkLdjVrkVbB8moy9Z4VtWYmKUA==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 120ms
119ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjIyNmI0YzkxLWYyNTQtNDJjMy05MjU1LTc0NjdmODA3MjA3ZSIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0OTYsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40OTY0OTYiLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM4MDI4LCJpdGVtX2hlYWRlciI6IlNoYXJvbiBTdG9uZSBOYW1lcyBQcm9kdWNlciBTaGUgQ2xhaW1zIFRvbGQgSGVyIHRvIFNsZWVwIFdpdGhTbGl2ZXJDby1TdGFyIEJpbGx5IEJhbGR3aW4iLCJpdGVtX25hbWUiOiJhcnRpY2xlIiwiaXRlbV91bml0Ijoic21hbGwiLCJ0b3BpY19pZCI6IndvcmxkIiwiY29udGVudF9wcm92aWRlciI6InBtYyIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoicm9sbGluZ19zdG9uZSIsIml0ZW1fcHVibGlzaGVkX2RhdGUiOiIyMDI0LTAzLTEzVDAyOjIxOjA2LjAwMFoiLCJpdGVtX3R5cGUiOiJwcmV2aWV3IiwiaXRlbV9mb3JtYXQiOiJwcmV2aWV3IiwicG9zaXRpb25faW5fZmVlZCI6MTAsIml0ZW1fdXJsIjoiaHR0cHM6Ly9tZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS9hcnRpY2xlLWludHJvLzE3NzM4MDI4IiwiYXJ0aWNsZV9yYW5rIjo4LCJldmVudF92YWx1ZSI6IkZlZWRiYWNrIE1lbnU6IGZhbHNlIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: Yu6_5CwqACV73a96W9N-96AUrB9j9daZ9NTDTkTisikNjAOkSdMCjQ==

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 118ms
116ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhcnRpY2xlIGltcHJlc3Npb24iLCJldmVudF9pZCI6IjRjODEwNzQyLTJhZjYtNGNlMC1iMjU2LTI2MDVkM2FkN2E5ZSIsImV2ZW50X2NvdW50ZXIiOjE3MTAzMTc4MDk0OTcsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIyLjAuNjI2MS4xMTEgU2FmYXJpLzUzNy4zNiIsImVuZ2FnZWRfaW5fYXBwX2V2ZW50X2ZsYWciOjAsImluX2FwcF9ldmVudF9mbGFnIjoxLCJjbGllbnRfZGF0ZSI6IjIwMjQtMDMtMTMiLCJjbGllbnRfdGltZXN0YW1wIjoiMjAyNC0wMy0xMyAwOToxNjo0OS40OTc0OTciLCJzY3JlZW5fbmFtZSI6ImZvciB5b3UiLCJldmVudF9jYXRlZ29yeSI6InBvcnRhbCBwcm9kdWN0IGZ1bm5lbCIsImZyb250ZW5kX3ZlcnNpb25fbmFtZSI6IjEuMS45IiwicmVwb3J0X3R5cGUiOiJ3ZWIgLSBjc3IiLCJmcm9udGVuZF92ZXJzaW9uX2NvZGUiOjEwMTA5MCwiZW50cnlfcG9pbnQiOiJwb3J0YWwiLCJzZXNzaW9uX2NvdW50ZXIiOjEsInNlc3Npb25faWQiOiJjZjBhMDA4ZC1kOTAxLTRiZTUtYTA4Yy00YWZjNjNhYThiNDgiLCJ0YWJfbmFtZSI6InRyZW5kaW5nIiwiZW50cnlfcG9pbnRfbW9kZWxfaWQiOiIzMyIsIm1vZGVsX2lkIjoiMzMiLCJpdGVyYXRpb25faWQiOiJmOTZiY2UyZS1kMTQyLTRkYzEtODJkMC04OThhM2ZiODVjZDQiLCJzdHJhdGVneV9pZCI6Miwibm9uX3BlcnNvbmFsaXplZF9maXJzdF9pbmRleCI6Im5vbmUiLCJyYW5raW5nX3R5cGUiOjAsImZhbGxiYWNrX21vZGVsX2lkIjoibm9uZSIsInRyYWluaW5nX3J1bl9pZCI6Im5vbmUiLCJlbmdhZ2VkX2V2ZW50X3Nlc3Npb25fZHVyYXRpb24iOjAsInNlc3Npb25fZHVyYXRpb24iOjAsImF1cmFfdXNlcl9pZCI6IjQ1YjM5NmY0LWUwNDItNDZjNS1hY2Y4LTA3NjQ3MTVkYWQ4OCIsInVzZXJfYWJfdGVzdF9pZCI6Ijg2NyIsImJyYW5kIjoidC1tb2JpbGUiLCJjdXN0b21lciI6Im1ldHJvIiwibG9jYWxlIjoiZW4tVVMiLCJkZXZpY2VfbGFuZ3VhZ2UiOiJlbiIsImV4cGVyaWVuY2UiOiJwb3J0YWwiLCJvcGVyYXRpbmdfc3lzdGVtIjoiV2luZG93cyIsIm9wZXJhdGluZ19zeXN0ZW1fdmVyc2lvbiI6IjEwIiwiYmFja2VuZF92ZXJzaW9uX25hbWUiOiIzLjMuMSIsIml0ZW1faWQiOjE3NzM3MDQwLCJpdGVtX2hlYWRlciI6Ik1pdGNoIE1jQ29ubmVsbHMgU2lzdGVyLUluLUxhdyBEaWVkIEFmdGVyIEFjY2lkZW50YWxseSBSZXZlcnNpbmcgVGVzbGEgSW50byBQb25kOiBSZXBvcnQiLCJpdGVtX25hbWUiOiJhcnRpY2xlIiwiaXRlbV91bml0Ijoic21hbGwiLCJ0b3BpY19pZCI6ImxhdGVzdCIsImNvbnRlbnRfcHJvdmlkZXIiOiJidXp6ZmVlZCIsImNvbnRlbnRfcHJvdmlkZXJfc291cmNlIjoiYnV6emZlZWQiLCJpdGVtX3B1Ymxpc2hlZF9kYXRlIjoiMjAyNC0wMy0xM1QwMDowNDowMy4wMDBaIiwiaXRlbV90eXBlIjoicHJldmlldyIsIml0ZW1fZm9ybWF0IjoicHJldmlldyIsInBvc2l0aW9uX2luX2ZlZWQiOjEyLCJpdGVtX3VybCI6Imh0dHBzOi8vbWV0cm96b25lLm5ld3Nyb29tbGFicy5jb20vYXJ0aWNsZS1pbnRyby8xNzczNzA0MCIsImFydGljbGVfcmFuayI6OSwiZXZlbnRfdmFsdWUiOiJGZWVkYmFjayBNZW51OiBmYWxzZSJ9fQ%3D%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: Mnx8au4N8kwubExURO74nLOAPpo2ev5e1-sex4wvXPctIXHTvyV-PA==

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
256 B 100ms
29ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: d84b23f74ae06957fe0e03eb3fcb5ad315223152c33d53837febea039c98544d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
557 B 185ms
125ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=903830
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c33c85bb7e8ea6704ef98681dffcd470a6839fd7ace590aa63c3ea5363a394a7

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0oiI4mPcuBTMkULgOQj9%2BZSSFi%2BYuKEq%2Fb3eiuIDuGqffAjOrc9Vkrq3kQWdTs%2BmYVOTZ%2BaYrUHrCf8AIKsHlcGhcJXVHWoqSTMA5BMW88U7CfKeUWazVSs7jTLb%2FzibGWDWcXd"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://metrozone.newsroomlabs.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 863a95866c1c2685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 165ms
78ms Fetch
application/json 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.26.0&cb=92015702183&lsavail=1&bundle=lCGy1F9DOSUyQjR3WW1Idk54JTJCNEM1M2ZKTzNjMDAwQm9ORndZZHliUDlQYTJHcUI5c0xlaUklMkJxTlgwRFpCSm1vSXk3MG1Kc1h2ems2a0c3QkF1TFlmaEslMkZHcmtwWkl5TyUyRnZoTGthWjVwb3QlMkJGeXloY3AlMkZvbm9VSXdLN1VvVUFYZjYlMkZpMUc1JTJCZGpaSUR3Y2lBRzZkQmU5MUNpeUF1VVRReHAwQjI0aUdTT1NNTlVGUHclM0Q

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a2d698fbd56aa12494760b3da09ab28e2e3519d5652482d82dfc6b3a451fc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
969 B 238ms
126ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24922&site_id=451424&zone_id=2632130&size_id=15&alt_size_ids=19%2C44&us_privacy=1YNN&rf=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&tg_i.domain=metrozone.newsroomlabs.com&tg_i.page=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&tg_i.pbadslot=%2F21815112799%2Fmetro%2Fismetrozone%2Fmobilewebview%2Fdisplay%2Fwrtop&tk_flint=pbjs_lite_v8.26.0&l_pb_bid_id=10216da747c6bb&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F21815112799%2Fmetro%2Fismetrozone%2Fmobilewebview%2Fdisplay%2Fwrtop&m_ch_mobile=%3F0&slots=1&rand=0.6283346711620676
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: cd565ca51eac00aa6620ad361e04629d77f1cfab12ef258596120c3b817a1a69

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:49 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://metrozone.newsroomlabs.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 136ms
56ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://metrozone.newsroomlabs.com
date: Wed, 13 Mar 2024 08:16:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 135ms
108ms Fetch 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3ddd5a84a4cd9f54444a66245f1e859b&pvId=cba803edb491b69e9f2c56348d6f99b5&sid=9636746&pid=71118&idx=0&wId=569&pad=0&org=0&tm=1122&eT=0&cnsnt=no_consent&widgetWidth=1576&widgetHeight=0&widgetX=12&widgetY=647&wRV=2010700&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=193&oo=true&lo=284&obreq=199&mvreq=1231&mvres=1423&cet=4g&to=1710317808220&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 13 Mar 2024 08:16:49 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: bd16974a067740668450963c0bf3b085
Content-Length: 0

GET
H2 200 platforms Show response
mv.outbrain.com/Multivac/api/ 5 KB
3 KB 146ms
146ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mv.outbrain.com/Multivac/api/platforms?contentUrl=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&idx=1&rand=72089&app_ver=3.3.1&widgetJSId=MB_13&va=true&et=true&format=html&app_id=com.metropcs.metrozone&t=Y2JhODAzZWRiNDkxYjY5ZTlmMmM1NjM0OGQ2Zjk5YjU=&clss=pmg7AgcP9Oiz5aUbaKzjyuNp%2FTn6rFmXwYnQa1E9sunTyiGQLoc2Vrz4bB%2B8E5HvbRy3rackzIijTzkVzXQ%2FzA%3D%3D&extid=w%3DPT_BOTTOM%2Cac%3Dmetro%2Cdmo%3D%2Cep%3Dportal%2Ccv%3D%2Cabt%3D&extid2=cp%3D%2Ccps%3D%2Cmid%3D33%2Cla%3Den%2Clo%3Den-us%2Cfvn%3D1.1.9&px=12&py=1047&vpd=0&cw=1576&settings=true&recs=true&key=IRONS2K1OLEJM4GB4HGIQAFE9&tch=0&adblck=false&abwl=false&ab=0&wl=0&activeTab=true&psub=www.metropcs.mobi&version=2010700&sig=TN3sNdWt&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5731773ed1b683c34fd2ed41782825eec374ddd3ccf0886766d7f9437ad9c933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cache-hits: 0, 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 varnish, 1.1 varnish
date: Wed, 13 Mar 2024 08:16:49 GMT
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1710317810.658360,VS0,VE126
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-traceid: b9f3e6fc6625e9355643b38f4b1a0bba
accept-ranges: bytes
content-length: 2503
x-served-by: cache-lga21959-LGA, cache-fra-eddf8230119-FRA

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame A470 4 KB
2 KB 29ms
29ms Document
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Wed, 13 Mar 2024 08:16:49 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Wed, 20 Mar 2024 08:16:49 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
333 B 119ms
118ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhZCBzaG93biIsImV2ZW50X2lkIjoiMjViMTg4MzAtYmFhMy00MDljLWE2NTItMDhlZjYyNmNmOWIwIiwiZXZlbnRfY291bnRlciI6MTcxMDMxNzgwOTY1MywidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyNC0wMy0xMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDI0LTAzLTEzIDA5OjE2OjQ5LjY1MzY1MyIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjkiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDkwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6ImNmMGEwMDhkLWQ5MDEtNGJlNS1hMDhjLTRhZmM2M2FhOGI0OCIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6ImY5NmJjZTJlLWQxNDItNGRjMS04MmQwLTg5OGEzZmI4NWNkNCIsInN0cmF0ZWd5X2lkIjoyLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6MCwiZmFsbGJhY2tfbW9kZWxfaWQiOiJub25lIiwidHJhaW5pbmdfcnVuX2lkIjoibm9uZSIsImVuZ2FnZWRfZXZlbnRfc2Vzc2lvbl9kdXJhdGlvbiI6MCwic2Vzc2lvbl9kdXJhdGlvbiI6MCwiYXVyYV91c2VyX2lkIjoiNDViMzk2ZjQtZTA0Mi00NmM1LWFjZjgtMDc2NDcxNWRhZDg4IiwidXNlcl9hYl90ZXN0X2lkIjoiODY3IiwiYnJhbmQiOiJ0LW1vYmlsZSIsImN1c3RvbWVyIjoibWV0cm8iLCJsb2NhbGUiOiJlbi1VUyIsImRldmljZV9sYW5ndWFnZSI6ImVuIiwiZXhwZXJpZW5jZSI6InBvcnRhbCIsIm9wZXJhdGluZ19zeXN0ZW0iOiJXaW5kb3dzIiwib3BlcmF0aW5nX3N5c3RlbV92ZXJzaW9uIjoiMTAiLCJiYWNrZW5kX3ZlcnNpb25fbmFtZSI6IjMuMy4xIiwiaXRlbV9pZCI6ImRiMWNlOTQ4LWQzNjEtNDllZS1iZDA0LTY5ZTUxZWIwNTJiMCIsIml0ZW1fbmFtZSI6ImFkIiwiaXRlbV91bml0IjoibWVkaXVtIiwibW9uZXRpemF0aW9uX3Byb3ZpZGVyIjoib3V0YnJhaW4iLCJwb3NpdGlvbl9pbl9mZWVkIjo4LCJpdGVtX3VybCI6Im1ldHJvem9uZS5uZXdzcm9vbWxhYnMuY29tLyIsIml0ZW1fZm9ybWF0IjoibmF0aXZlIiwiZnNkX3VuaXQiOiIiLCJmc2RfdW5pdF9wYXR0ZXJuIjoiIiwibW9uZXRpemF0aW9uX3Byb3ZpZGVyX2FkX3VuaXRfaWQiOiJNQl8xMiIsIm1vbmV0aXphdGlvbl9wcm92aWRlcl9hZF91bml0X25hbWUiOiJQVF9NSUQifX0%3D
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: CuzPQUrQfYemHV9A7TjfReuSpRxHHOGMRXuHbxYjTPkVEpVd4iCPPw==

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 0
271 B 110ms
110ms Fetch 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL

https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=b34b9fa4851fa27475ea4da9e60f4564&pvId=cba803edb491b69e9f2c56348d6f99b5&sid=9636746&pid=71118&idx=1&wId=736&pad=0&org=0&tm=1275&eT=0&cnsnt=no_consent&widgetWidth=1576&widgetHeight=0&widgetX=12&widgetY=1047&wRV=2010700&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=147&oo=true&lo=284&obreq=199&mvreq=1430&mvres=1577&cet=4g&to=1710317808220&ll=0&chs=1&ab=0&wl=0

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 13 Mar 2024 08:16:49 GMT
access-control-expose-headers: content-range
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 9ffec5f1d47530f7c6efa7b22a1729a9
Content-Length: 0

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
330 B 120ms
120ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhZCBzaG93biIsImV2ZW50X2lkIjoiODllNmE0NjgtZGVkZC00ZTY1LTgyMjctYTU0YWZjZjk4NGVjIiwiZXZlbnRfY291bnRlciI6MTcxMDMxNzgwOTgwMiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyNC0wMy0xMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDI0LTAzLTEzIDA5OjE2OjQ5LjgwMjgwMiIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjkiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDkwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6ImNmMGEwMDhkLWQ5MDEtNGJlNS1hMDhjLTRhZmM2M2FhOGI0OCIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6ImY5NmJjZTJlLWQxNDItNGRjMS04MmQwLTg5OGEzZmI4NWNkNCIsInN0cmF0ZWd5X2lkIjoyLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6MCwiZmFsbGJhY2tfbW9kZWxfaWQiOiJub25lIiwidHJhaW5pbmdfcnVuX2lkIjoibm9uZSIsImVuZ2FnZWRfZXZlbnRfc2Vzc2lvbl9kdXJhdGlvbiI6MCwic2Vzc2lvbl9kdXJhdGlvbiI6MCwiYXVyYV91c2VyX2lkIjoiNDViMzk2ZjQtZTA0Mi00NmM1LWFjZjgtMDc2NDcxNWRhZDg4IiwidXNlcl9hYl90ZXN0X2lkIjoiODY3IiwiYnJhbmQiOiJ0LW1vYmlsZSIsImN1c3RvbWVyIjoibWV0cm8iLCJsb2NhbGUiOiJlbi1VUyIsImRldmljZV9sYW5ndWFnZSI6ImVuIiwiZXhwZXJpZW5jZSI6InBvcnRhbCIsIm9wZXJhdGluZ19zeXN0ZW0iOiJXaW5kb3dzIiwib3BlcmF0aW5nX3N5c3RlbV92ZXJzaW9uIjoiMTAiLCJiYWNrZW5kX3ZlcnNpb25fbmFtZSI6IjMuMy4xIiwiaXRlbV9pZCI6IjIyZmMxMTBjLWNmMzMtNGMxMi05NDE2LWQ2MTc0MWUyMmU3MyIsIml0ZW1fbmFtZSI6ImFkIiwiaXRlbV91bml0IjoibWVkaXVtIiwibW9uZXRpemF0aW9uX3Byb3ZpZGVyIjoib3V0YnJhaW4iLCJwb3NpdGlvbl9pbl9mZWVkIjoxMiwiaXRlbV91cmwiOiJtZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS8iLCJpdGVtX2Zvcm1hdCI6Im5hdGl2ZSIsImZzZF91bml0IjoiIiwiZnNkX3VuaXRfcGF0dGVybiI6IiIsIm1vbmV0aXphdGlvbl9wcm92aWRlcl9hZF91bml0X2lkIjoiTUJfMTMiLCJtb25ldGl6YXRpb25fcHJvdmlkZXJfYWRfdW5pdF9uYW1lIjoiUFRfQk9UVE9NIn19
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: _DoUI3qJYj-Y65cNjsb2rhiWCConyQ-JdOo8g-Z1V4mh1YqWuEOxcg==

GET
H2 200 mitch-mcconnells-sister-in-law-died-after-acciden-5-1332-1710288238-0_dblbig.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://img.buzzfeed.com/buzzfeed-static/static/2024-03/13/0/campaign_images/a7f72d78ab2f/ 7 KB
7 KB 20ms
20ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://img.buzzfeed.com/buzzfeed-static/static/2024-03/13/0/campaign_images/a7f72d78ab2f/mitch-mcconnells-sister-in-law-died-after-acciden-5-1332-1710288238-0_dblbig.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

581aa07132428decbcae9bb15ab0ccebb155e166bd875630ed5707c3a7bf1e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 01:19:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 25049
x-cache: Hit from cloudfront
content-length: 7003
x-request-id: 777cc23c958cbe311d6e3133c6a77d2e
last-modified: Wed, 13 Mar 2024 00:30:17 GMT
server: Cloudinary
etag: "d927b8523a4a109b0c83cced3d2861d6"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DWMr_kFy4ePWjJMz9Ywg57d9suJCwFAGdGnr5BiONW1yTLVVPvT08A==

GET
H2 200 mitch-mcconnells-sister-in-law-died-after-acciden-5-1332-1710288238-0_dblbig.jpg
cloudinary-res-news.isappcloud.com/image/fetch/q_auto,f_auto/e_trim/ar_1:1,c_fill,h_200,g_auto/https://img.buzzfeed.com/buzzfeed-static/static/2024-03/13/0/campaign_images/a7f72d78ab2f/ 7 KB
7 KB 19ms
19ms Image
image/jpeg 2600:9000:2670:e00:e:22cc:ba40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:e00:e:22cc:ba40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

581aa07132428decbcae9bb15ab0ccebb155e166bd875630ed5707c3a7bf1e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 01:19:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P9
age: 25049
x-cache: Hit from cloudfront
content-length: 7003
x-request-id: 777cc23c958cbe311d6e3133c6a77d2e
last-modified: Wed, 13 Mar 2024 00:30:17 GMT
server: Cloudinary
etag: "d927b8523a4a109b0c83cced3d2861d6"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: QB-ewOpfFsxrJ06TbATXKcdx-Tz4C24WIhYqZQQRDU4S_CZAmPad6g==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
13 KB 782ms
782ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=813281683534621&correlator=2269413254752066&eid=44809527%2C31081715%2C31079527&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=21815112799%2Cmetro%2Cismetrozone%2Cmobilewebview%2Cdisplay%2Cwrtop&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x50%7C300x100&ifi=1&didk=3845625991&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1710317809872&lmt=1710155062&adxs=650&adys=337&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmetrozone.newsroomlabs.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=479568987.1710317810&ga_sid=1710317810&ga_hid=1593395110&ga_fc=false&cbidsp=CtkCCAESEgoFb3BlbngQbiACUgVvcGVueBINCgJpeBC_ASACUgJpeBLBAQoGY3JpdGVvEKsBGqkBCg8xMzE3YmUzMDFmMDExMWIQ3M8EGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCIQaGJfYmlkZGVyX2NyaXRlbyIOaGJfYWRpZF9jcml0ZW8iDGhiX3BiX2NyaXRlbyIOaGJfc2l6ZV9jcml0ZW8iEGhiX2Zvcm1hdF9jcml0ZW8oATICCgA6BgisAhD6ASABUgZjcml0ZW8SFwoHcnViaWNvbhDzASACUgdydWJpY29uEhkKCHB1Ym1hdGljEI0BIAJSCHB1Ym1hdGljGAIiJDdhOTE0Mzk4LTRiMzEtNGM2OC1iY2ZkLTFiODFlZjkzYmE3YioECAMgADIHdjguMjYuMEDQD0oA&dlt=1710317808351&idt=277&prev_scp=hb_format_criteo%3Dbanner%26hb_size_criteo%3D300x250%26hb_pb_criteo%3D0.07%26hb_adid_criteo%3D1317be301f0111b%26hb_bidder_criteo%3Dcriteo%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.07%26hb_adid%3D1317be301f0111b%26hb_bidder%3Dcriteo&cust_params=content_topic%3Dpolitics%252Ctrending%252Clatest%252Clocal%252Cbreaking%252Centertainment%252Cworld%252Cfinance%252Ctechnology%252Cscience%252Csports%252Chealth%252Cculture%252Clifestyle%252Cmusic%252Cautos%252Cgaming%252Ctravel%252Cenvironment%252Cbusiness%252Cfood_dining%252Cparenting%252Cpets%252Cfitness%252Cgardening%252Carchitecture%252Cbeauty%252Cfun%26frontend_version_name%3D1.1.9%26backend_version_name%3D3.3.1%26entry_point%3Dportal%26experience%3Dportal%26customer%3Dmetro%26operating_system_ver%3D10%26model_id%3D33%26language%3Den%26local%3Den-us&adks=3963916539&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba91a203ceafe1105964ae9e488de01925218f68aebad43b1da67ff5c818599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13314
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://metrozone.newsroomlabs.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 36ms
36ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d68d62e37f17af59db6f0f115cdaae593e27d7ec3ec40dbb5e66310e66e546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12255
x-xss-protection: 0

GET
H2 200 container.html Show response
453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 323C 6 KB
3 KB 137ms
27ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:16:50 GMT
expires: Thu, 13 Mar 2025 08:16:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 145ms
82ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 08:16:50 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3C0 13 KB
5 KB 22ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 666
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:05:44 GMT
expires: Thu, 13 Mar 2025 08:05:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DCC8 829 B
1 KB 83ms
30ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d7926c8fec225489dfe91194e02e19cebf40967066d721d65fd4902be7b5bb3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HFEqy749hJGDGQgavC4PTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-HFEqy749hJGDGQgavC4PTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:16:50 GMT
expires: Wed, 13 Mar 2024 08:16:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame D3C0 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 08:05:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DCC8 0
0 51ms
51ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403070101&jk=813281683534621&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D3C0 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-Juopw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012402262017000/ Frame 33BA 196 KB
56 KB 99ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402262017000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Mar 2024 08:53:20 GMT
age: 84210
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56141
x-xss-protection: 0
server: sffe
etag: "28cb2d39d2a36ad8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Mar 2025 08:53:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 33BA 15 KB
5 KB 144ms
67ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Mar 2024 18:11:24 GMT
age: 137126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5220
x-xss-protection: 0
server: sffe
etag: "49cab81f34612748"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Mar 2025 18:11:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 33BA 95 KB
28 KB 135ms
59ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Mar 2024 08:56:50 GMT
age: 84000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29016
x-xss-protection: 0
server: sffe
etag: "d87e4eaec13170fc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Mar 2025 08:56:50 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 33BA 5 KB
2 KB 144ms
68ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Mar 2024 18:11:24 GMT
age: 137126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "92d49a70059f031a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Mar 2025 18:11:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012402262017000/v0/ Frame 33BA 40 KB
13 KB 145ms
69ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012402262017000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Mar 2024 18:11:24 GMT
age: 137126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12941
x-xss-protection: 0
server: sffe
etag: "abc788b0a91a2b6d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Mar 2025 18:11:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 33BA 6 KB
1 KB 81ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Mar 2024 08:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 07:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Mar 2024 08:16:50 GMT

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 33BA 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 18:51:27 GMT
x-content-type-options: nosniff
server: cafe
age: 48323
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 13 Mar 2024 18:51:27 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 33BA 295 B
319 B 21ms
21ms Image
image/png 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 08:47:32 GMT
x-content-type-options: nosniff
server: cafe
age: 84558
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 13 Mar 2024 08:47:32 GMT

GET
H2 200 / Show response
ib.isappcloud.com/ 20 B
331 B 115ms
115ms XHR
application/json 3.161.82.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.isappcloud.com/?data=eyJzdHJlYW0iOiJhdXJhX25ld3MiLCJkYXRhIjp7ImV2ZW50X25hbWUiOiJhZCBzaG93biIsImV2ZW50X2lkIjoiNDYwZjUwZTAtMTRjZC00NDAwLTg5MzgtYjMxMmMxYTFjMTdhIiwiZXZlbnRfY291bnRlciI6MTcxMDMxNzgxMDY5MywidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjExMSBTYWZhcmkvNTM3LjM2IiwiZW5nYWdlZF9pbl9hcHBfZXZlbnRfZmxhZyI6MCwiaW5fYXBwX2V2ZW50X2ZsYWciOjEsImNsaWVudF9kYXRlIjoiMjAyNC0wMy0xMyIsImNsaWVudF90aW1lc3RhbXAiOiIyMDI0LTAzLTEzIDA5OjE2OjUwLjY5MzY5MyIsInNjcmVlbl9uYW1lIjoiZm9yIHlvdSIsImV2ZW50X2NhdGVnb3J5IjoicG9ydGFsIHByb2R1Y3QgZnVubmVsIiwiZnJvbnRlbmRfdmVyc2lvbl9uYW1lIjoiMS4xLjkiLCJyZXBvcnRfdHlwZSI6IndlYiAtIGNzciIsImZyb250ZW5kX3ZlcnNpb25fY29kZSI6MTAxMDkwLCJlbnRyeV9wb2ludCI6InBvcnRhbCIsInNlc3Npb25fY291bnRlciI6MSwic2Vzc2lvbl9pZCI6ImNmMGEwMDhkLWQ5MDEtNGJlNS1hMDhjLTRhZmM2M2FhOGI0OCIsInRhYl9uYW1lIjoidHJlbmRpbmciLCJlbnRyeV9wb2ludF9tb2RlbF9pZCI6IjMzIiwibW9kZWxfaWQiOiIzMyIsIml0ZXJhdGlvbl9pZCI6ImY5NmJjZTJlLWQxNDItNGRjMS04MmQwLTg5OGEzZmI4NWNkNCIsInN0cmF0ZWd5X2lkIjoyLCJub25fcGVyc29uYWxpemVkX2ZpcnN0X2luZGV4Ijoibm9uZSIsInJhbmtpbmdfdHlwZSI6MCwiZmFsbGJhY2tfbW9kZWxfaWQiOiJub25lIiwidHJhaW5pbmdfcnVuX2lkIjoibm9uZSIsImVuZ2FnZWRfZXZlbnRfc2Vzc2lvbl9kdXJhdGlvbiI6MCwic2Vzc2lvbl9kdXJhdGlvbiI6MSwiYXVyYV91c2VyX2lkIjoiNDViMzk2ZjQtZTA0Mi00NmM1LWFjZjgtMDc2NDcxNWRhZDg4IiwidXNlcl9hYl90ZXN0X2lkIjoiODY3IiwiYnJhbmQiOiJ0LW1vYmlsZSIsImN1c3RvbWVyIjoibWV0cm8iLCJsb2NhbGUiOiJlbi1VUyIsImRldmljZV9sYW5ndWFnZSI6ImVuIiwiZXhwZXJpZW5jZSI6InBvcnRhbCIsIm9wZXJhdGluZ19zeXN0ZW0iOiJXaW5kb3dzIiwib3BlcmF0aW5nX3N5c3RlbV92ZXJzaW9uIjoiMTAiLCJiYWNrZW5kX3ZlcnNpb25fbmFtZSI6IjMuMy4xIiwiaXRlbV9pZCI6ImQxYTdkZjUxLWU1MjMtNDBiMS04MDVjLTZiMGUxMDJjYzc1NSIsIml0ZW1fbmFtZSI6ImFkIiwiaXRlbV91bml0IjoibWVkaXVtIiwibW9uZXRpemF0aW9uX3Byb3ZpZGVyIjoiZ2FtIiwicG9zaXRpb25faW5fZmVlZCI6NCwiaXRlbV91cmwiOiJtZXRyb3pvbmUubmV3c3Jvb21sYWJzLmNvbS8iLCJpdGVtX2Zvcm1hdCI6ImJhbm5lciIsImZzZF91bml0IjpudWxsLCJmc2RfdW5pdF9wYXR0ZXJuIjpudWxsLCJtb25ldGl6YXRpb25fcHJvdmlkZXJfYWRfdW5pdF9uYW1lIjoiLzIxODE1MTEyNzk5L21ldHJvL2lzbWV0cm96b25lL21vYmlsZXdlYnZpZXcvZGlzcGxheS93cnRvcCIsImFkX3NpemUiOiIzMDB4MjUwIiwiYWRfc2VydmVyX3RhcmdldGluZyI6ImhiX2RzcF9jcml0ZW8saGJfY3JpZF9jcml0ZW8saGJfYWRvbWFpbl9jcml0ZW8saGJfZm9ybWF0X2NyaXRlbyxoYl9zb3VyY2VfY3JpdGVvLGhiX3NpemVfY3JpdGVvLGhiX3BiX2NyaXRlbyxoYl9hZGlkX2NyaXRlbyxoYl9iaWRkZXJfY3JpdGVvLGhiX2NyaWQsaGJfZHNwLGhiX2Fkb21haW4saGJfZm9ybWF0LGhiX3NvdXJjZSxoYl9zaXplLGhiX3BiLGhiX2FkaWQsaGJfYmlkZGVyIiwiYWRfYWR2ZXJ0aXNlcl9pZCI6NDc1NDQyOTQxN319
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/assets/vendor-66f8bc84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-109.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:50 GMT
via: 1.1 e3d6f049badd72a460740c783d33cfa4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P10
x-powered-by: Express
etag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 20
x-amz-cf-id: I25PVrbGJzsaps5_V1gkXmeByUiY2QLxZ1U0eDYKI25VSLj336VlTg==

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10658623251341129093/ Frame 33BA 44 KB
44 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10658623251341129093/2076313506083323656

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b33d5b038699ec388a49e45acd491c655a2c528a9959528df68512f91274cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Wed, 12 Mar 2025 01:34:47 GMT
date: Tue, 12 Mar 2024 01:34:47 GMT
x-content-type-options: nosniff
age: 110523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44989
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 11:46:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 33BA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce47427144e79f3f694847b7add6be76adf15a5a73f6c7b8037c722635f4612b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
53ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403070101&jk=813281683534621&bg=!9Pel97jNAAZsmiNCTJo7ADQBe5WfOHD-1QaT7JkGAvCPNPDK6tNmHbIuzTwfRFF1wH48GEGlkxsrcQkdaNUnr6ry3nqBAgAAAFJSAAAABGgBBwoAZFEp-OFUcHCs1plT3NIAuyl7vo83xsIGvGkvJNmcfFAUBTp8yVb96pJwK2y3KZEWnj5Q1vh3cr1iIKEtoUhRBO0LhSykaXrKZM_RwO3QZ2LwaAfBlZszoiwuvU7M0tYa88SsfG6ZAtH-marXOVk8Thc1sya-1JlXdmh6Cglabc6UwxL8fEnariZFZqN_hvR9ff05Amvf5xfG7LEvZGargQZskpLOVUGNCocYbh01ZhrLEmj0odsQ7xr2TING3zRXlUOa4igqsayylRBt_X0sZ-xFFmEBvwxfqFiODOPCrX7I6m5AMk0O-wcCr-mh6BQZYv8gfF-ui_C8OqY69D963wZc8NGqGpZO2P5FSzuY_g_89aYrKWIfUFtQdy7aACHL-Xv-IG14QxmE-fkYQkdBRDQsIXoPsG8UYkxF08v8ia8bPwVfSWYdVrBvy2KKcoweXac6-J2P5vM53cvUUuRw6O7Z84AfMezwwrOA_srF9Ta-c-zo2MyUDe-F-Pf5sG8ryF1kpiq8DyY4Al9V9bXsAYfiBOoet_bq-zGbdHuFwAw8jvc405uOQPNTpkc7AQQnWu9bb88qcLh4rWIx_H5fynJ1X3e39zPAL65JvC1BRyDbiLGOi77GOrrLyV8DaCjlNreWTOzW6w99-ms-1xBvsaeWh4TJx58SiilTkRBcHog8jOfrYHZVAoMqOBYKalTvDhhS_NV8ELf5J1AJ_bTGB-9yZmNAo5kcGtu2Xoe99HKR4H_XMu8BdTuwZLwAalUEn5Yu0l1dHhamaSIS8olTGEJ8EHrzVWPG4ZO0h9bikmee2lbQ9NZliGBnyIjKwLTfFZ5cErte4QjFS91qIoAPulyNATsSQbBP_Kbt3QHtzub3hBjnHB2TAULgGj-TqX9iWL1A9Va5gNQf9U4kpevG6tQ3l4cCXjTvJ6eDpv2OPwERkYRXpc6dzXmnjOjqG7RnV87fz_WenzSRAYS8yWgOV74_fYYpFmoXQDssVrhgpRGuhGEZr6ZRgGV2n77fo7Ndz8hsXZlRsD72Msr8TT86sQSrgH0c-8bC7qaC35tCzYoRm96Qedt4jP1v87Jb9FYmbhz5KfuLlfM0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33BA 15 KB
16 KB 67ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 04:10:19 GMT
x-content-type-options: nosniff
age: 101191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 04:10:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33BA 15 KB
16 KB 69ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 00:37:10 GMT
x-content-type-options: nosniff
age: 459580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 00:37:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 33BA 15 KB
15 KB 82ms
39ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metrozone.newsroomlabs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 21:59:51 GMT
x-content-type-options: nosniff
age: 123419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 21:59:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 33BA 0
0 55ms
55ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cw4ps8WDxZZuDOLmPjuwPkWyXyZqfdpOZltvJEofLvfzHARABIJrdnnRglfqagqwHoAGZ-unIKcgBCakCPr0TdO1Usj7gAgCoAwHIAwqqBOUCT9CUSFjah8mq7v7Q7D7Y5bbOaoH92IcsmwFpHNgtfP5ggSmMfhY3MH6tDj1CrANO2qrsYOXD8wjEY_TYB2mdPqy34akpvzEDNqo3WRyKxCUPwouncs-hYxEeFoSHymeA1QDju52YHG23BoSmyDphTeWD9IY0MCoGTpGkaPYq3Tb1v8zl50ItJqty176LkBHry6z7kumuQ8KVy7mzIcyy7mAGKYXtOd_M26_s1UpFOQ7qK2J38vGfGTyal_gtuNSBxA8ilx4xCpmnj8HSooor52mPamI-noltanWzOM3ahmq5CgMAsDRjTa-cab-TbV3PfB2aNillh49SP9O4kj24fL-VWudy4WMSd7aXIgu7jX-64Ns-wYOrLhuUVkU4jxJGSLDY4cnOt1AZiIxoMGSw6knjXL4BdlK0GiUmF8Fab3uoHafy-6GDSyjuEh8bt5iBVHu83YsYmj_tIZXObIPR2jcA15aKwATuvKH6ogTgBAGIBa2PjJ9LkgUECAQYAZIFBAgFGASgBi6AB5myuqgEqAfZtrECqAevvrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQLYBwDyBwQQy64X0ggrCJHhgHAQARgdMgfri4Dgv4ANOgmAQICAgICAlChIvf3BOljCqoys5vCEA5oJggJodHRwczovL3d3dy5lbnBhbC5kZS9hcnRpa2VsNC93YWVybWVwdW1wZW4tZm9lcmRlcnVuZy0yMDI0LWhhdXNiZXNpdHplci1rb25uZW4tamV0enQtYmlzLXp1LTcwLXNwYXJlbj91dG1fc291cmNlPWdkbl93cCZ1dG1fY2FtcGFpZ249MjAxOTc4Njk0ODUmdXRtX3Rlcm09MTQ2ODIyMTU5OTgyJnV0bV9jb250ZW50PTY4ODk1MzA3MzM5OSZ1dG1fcGxhY2VtZW50PW1ldHJvem9uZS5uZXdzcm9vbWxhYnMuY29tJnV0bV9kZXZpY2U9YyZkZXZpY2Vtb2RlbD2ACgPICwHiDRMI6dOMrObwhAMVuYeDBx0RNgAAuBPkA9gTDdAVAYAXAbIXHgocCAASFHB1Yi01MDQ0MzEwODI0MzczODc5GOOVcLIYCRIClFgYLiIBAA&sigh=rqeQ8ah7thk&uach_m=%5B%5D&ase=2&nis=5&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 49ms
49ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 08:16:51 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B79E 14 KB
6 KB 38ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=metrozone.newsroomlabs.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 08:16:51 GMT
server: Kestrel
server-processing-duration-in-ticks: 922263
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 141ms
70ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 14 Mar 2024 08:16:51 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B79E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=newsroomlabs.com&sn=ChromeSyncframe&so=3&topUrl=metrozone.newsroomlabs.com&bundle=lCGy1F9DOSUyQjR3WW1Idk54JTJCNEM1M2ZKTzNjMDAwQm9ORndZZHli...
https://mug.criteo.com/sid?cpp=VR5UXXx5ZWVwaXNFOWRhVTZNK0lvaE1oV1BlcnV0UW94anRwTFJXNnVlWGpHdUFjU3lhQzIwTWFDSWpzaENXU3EzWVdTTWFreEFnV2pmSWJXdUYzbFE5eW5LajlNWVFCWlY3STdMcHR6VTlYN1BoYi9mQ2ZhZDZaWGxDcV...

462 B
678 B

37ms
35ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VR5UXXx5ZWVwaXNFOWRhVTZNK0lvaE1oV1BlcnV0UW94anRwTFJXNnVlWGpHdUFjU3lhQzIwTWFDSWpzaENXU3EzWVdTTWFreEFnV2pmSWJXdUYzbFE5eW5LajlNWVFCWlY3STdMcHR6VTlYN1BoYi9mQ2ZhZDZaWGxDcVNuam9EZHRMS29uN1E4N0pVMDBocTI2VmNWYW0rSWM5Q1JXNWhvdzZFTndNRk9RWjJXVkVzY28vNCtDWW1NWWt1YlFuVENiOGpPMFdkOFFLdkhqYWwwK3NSUlhjb096ejZFMXo2OHlseDJxaStjZTB6RHpUN2h1WC9BcFlDYVFzWHIxbmlKK1B5TzJHMHRaS2JwaFVsWlUxNWhVQ1p0WS8zZzRyNU5WSmx0SkErd2Z5QUNUST18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

800978a1820e669fb9b0f32635d3f406bfc72938ec55d49416c530f4d7d70353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 743817
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=VR5UXXx5ZWVwaXNFOWRhVTZNK0lvaE1oV1BlcnV0UW94anRwTFJXNnVlWGpHdUFjU3lhQzIwTWFDSWpzaENXU3EzWVdTTWFreEFnV2pmSWJXdUYzbFE5eW5LajlNWVFCWlY3STdMcHR6VTlYN1BoYi9mQ2ZhZDZaWGxDcVNuam9EZHRMS29uN1E4N0pVMDBocTI2VmNWYW0rSWM5Q1JXNWhvdzZFTndNRk9RWjJXVkVzY28vNCtDWW1NWWt1YlFuVENiOGpPMFdkOFFLdkhqYWwwK3NSUlhjb096ejZFMXo2OHlseDJxaStjZTB6RHpUN2h1WC9BcFlDYVFzWHIxbmlKK1B5TzJHMHRaS2JwaFVsWlUxNWhVQ1p0WS8zZzRyNU5WSmx0SkErd2Z5QUNUST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 292799
content-length: 0
expires: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 33BA 42 B
64 B 56ms
56ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZZ1EIUSSjbpy7RWN2rX-hdUy8gJ04Hj4QRUHw_16GK-CkPWIIBH9Rp-sBJi4dd8pdq2u45wtmVN5_A_XvXveZFUYBJ3qyRjOJSTYMEHaGhBsqvofgqNVGzTnquuc13nLYdD2kI_PtKsca_KfUAtR6rlOnghxK4mPSmO14sW4p&sig=Cg0ArKJSzKCXOnOUzjNTEAE&id=ampim&o=650,337&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=212&tls=1213&g=100&h=100&tt=1213&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://metrozone.newsroomlabs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame D4A7 3 KB
2 KB 227ms
30ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 934
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 863a959b9a808f2d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 08:16:53 GMT
expires: Wed, 13 Mar 2024 12:16:53 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame EDAB 16 KB
6 KB 243ms
33ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161760&us_privacy=1YNN
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=171427
content-encoding: gzip
content-length: 5685
content-type: text/html
date: Wed, 13 Mar 2024 08:16:53 GMT
expires: Fri, 15 Mar 2024 07:54:00 GMT
last-modified: Tue, 13 Feb 2024 04:57:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A453 2 KB
1007 B 202ms
20ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 686
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Mar 2024 08:16:53 GMT
ETag: "2052b-661-613698fc7e540"
Last-Modified: Mon, 11 Mar 2024 21:52:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pd Show response
t-mobile-d.openx.net/w/1.0/ Frame 33C8 199 B
202 B 174ms
157ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t-mobile-d.openx.net/w/1.0/pd?us_privacy=1YNN
Requested by: Host: metrozone.newsroomlabs.com
URL: https://metrozone.newsroomlabs.com/prebid.js?version=8.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 13 Mar 2024 08:16:52 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A453 40 KB
11 KB 27ms
27ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bf53909b8605b2d5ee24f7be4d31bd4bb964ae07eed251e74ddb7afec5fdf884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1YNN
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 08:16:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 20:03:37 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=42386
Connection: keep-alive
Content-Length: 10989
Expires: Wed, 13 Mar 2024 20:03:19 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 2EEF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
821 B

53ms
52ms

Document
text/html

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295d7473b781bfcb15850b272fed14bb83fc8b905c7024beef6a0b70cc710b9c

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 863a959c49d62685-TXL
content-encoding: br
content-type: text/html
date: Wed, 13 Mar 2024 08:16:53 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TowswSN4agXnKB6wIcVxzyXKrY3FjUYl2NBxjLLFF3QgaDhjDO5q3KrDyd43J9nvv50pvcCnIPCBCY9LRFO99fKOQ4gvIOcqGcDzL%2BU01eJ4HeCzRmNdtP2GiZB1m%2BYIFOkknWUPnUaXeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 863a959bf94f2685-TXL
content-length: 0
date: Wed, 13 Mar 2024 08:16:53 GMT
expires: 0
location: /usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odMLrwnhiDcWHyCRZas2uEdj1ngA0YjK69DQVVdR43WoL9UeXrZWJGkdHjmyExOzKpgTvl0QOdwMwFk4fshlaepsqPOBCRi3JG81rNiMW0fgNyHuQE0lsEjMW%2Ff2e5yMgP99hlPO1iBy0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame A453 7 B
380 B 121ms
21ms XHR
application/json 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?us_privacy=1YNN
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame EDAB 0
42 B 127ms
32ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40958529&p=161760&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161760&us_privacy=1YNN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:51 GMT
content-length: 0

GET
H/1.1 200
OK 31327
i.liadm.com/s/ Frame 2EEF 0
180 B 493ms
119ms Image
text/plain 3.229.253.235

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.253.235 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 08:16:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 2EEF 170 B
232 B 101ms
31ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 2EEF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

127ms
127ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 08:16:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NZ9YB07V1B66MF9GHHR8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 08:16:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NA5TY1DX3YT9Q9ZMKC83
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZfFg9VVbLVsAAFLzAPkZUAAAFDkAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2EEF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfFg9VVbLVsAAFLzAPkZUAAA

170 B
409 B

33ms
31ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfFg9VVbLVsAAFLzAPkZUAAA

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIzOYVODL2e2xPB8yrXiEQXjT8Xx4%2FbDZelz6QM3nWw%2Bqu%2FuHZjy38E7idwyhwVOeemxtnQM9FoZecWX4fhROj4Lved3qM5tt0lshD5ilBmnYi21XDwHOMoqTjJv%2FS%2Fo6Dfi3m6kA6TSNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZfFg9VVbLVsAAFLzAPkZUAAA
cache-control: no-cache
cf-ray: 863a959cba8a2685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 2EEF 70 B
149 B 135ms
42ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:53 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2EEF
Redirect Chain

https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177
https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&tc=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=zIXVbo0jc7f0ttl5TRw6GEaQI8bUx_tdLvP9T5Q5MZM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&tc=1

43 B
771 B

56ms
55ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=zIXVbo0jc7f0ttl5TRw6GEaQI8bUx_tdLvP9T5Q5MZM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&tc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NEySjFQB6hjzzG8YvOtcTIhmKBZouKBfF%2BMI59yhjIHF47fysrmrHSNZ4rnf1uCJaZu5l6ILle4ZJg6%2FIqknYtlrJvYgE8%2F00ZRqWfO1HDsN3blwMPoblxwwpU1jlquPOOAJ1BFyyxwFDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863a959d6e336a73-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=zIXVbo0jc7f0ttl5TRw6GEaQI8bUx_tdLvP9T5Q5MZM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177&tc=1
pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT, Wed, 13 Mar 2024 08:16:53 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2EEF
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=

43 B
732 B

64ms
63ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH7D3PsijkQdBtW5XX4wzSFvQfbdrCsbWAfvMMY2IhvoiceYUJZMNSxxCR6ywQx0pAHSeQppxJb03Ru04QVuMrL7IGNgiHRw8%2F2ExkHonqGlfFHbtTMqkFSMUpd78Hb9rwnjY2Ozgi2AKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863a959fbb646a73-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 08:16:53 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 105
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 2EEF
Redirect Chain

https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=ZfFg9VVbLVsAAFLzAPkZUAAA%265177
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=88af89c4-e223-4a5b-b13f-3a90229d5954

43 B
734 B

53ms
53ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=88af89c4-e223-4a5b-b13f-3a90229d5954
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 08:16:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSk8%2BpB7eVIxC%2Fe4aUS%2BWBQg7IuUATnzm%2BLNU86GpvzNDwVRHrV8WJsO1Hm0PExj8Q83qEpUu4qmMk6EWK1d1tRpcpnoAoNnCsEZHhi6M8j5fqQ6FxoRhBxbwVxlQZW1kHRiW32Ru2d4dw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863a959e78da6a73-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=88af89c4-e223-4a5b-b13f-3a90229d5954
Date: Wed, 13 Mar 2024 08:16:53 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 2EEF 43 B
229 B 38ms
31ms Image
image/gif 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZfFg9VVbLVsAAFLzAPkZUAAA%265177
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 08:16:53 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 85069
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 863a959cbc018f2d-FRA
content-length: 43
expires: Thu, 14 Mar 2024 08:16:53 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
metrozone.newsroomlabs.com/	1969-12-31 23:59:59	Name: i18next Value: en-US
metrozone.newsroomlabs.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 1710317809.867.34.335124\|1b719999a1e1e50b30bb1027f50ead91
.criteo.com/	1970-01-21 04:26:53	Name: uid Value: 43bc82a8-6528-4931-b0a6-1cecdb2fd419
.criteo.com/	1970-01-21 04:26:53	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 03:50:53	Name: i Value: 29d37949-302b-47f3-b931-9eded79296c3\|1710317809
.rubiconproject.com/	1970-01-21 03:50:53	Name: khaos Value: LTPJ2C0B-1T-39BJ
.rubiconproject.com/	1970-01-21 03:50:53	Name: audit Value: 1\|naVuGyos1qoG6NpMvFfrMLU1ZxogGjlwOA+xFj1I9se7SBgs1/kytZ3C58JSI3R1skasF1fjuxWifey3FrtL46yUFSj3mPVp8/Mnpyv6Pn8I5MM0imka7sTJU0t0FvEAIo8tEQuGXfHQD5U7tEfUTQ==
.newsroomlabs.com/	1970-01-20 23:24:29	Name: __eoi Value: ID=31bd94eaca101307:T=1710317809:RT=1710317809:S=AA-AfjbJPPCJ6CiwjjcqNtq4-hin
.newsroomlabs.com/	1970-01-21 04:26:53	Name: cto_bundle Value: -gO4xF9DOSUyQjR3WW1Idk54JTJCNEM1M2ZKTzNjMjNtREU3Tm1mcVZjYjUzT0prVlJnSGdTWUxxYnBoRFRwZUwxMSUyQm9yR0xJemxkTmZxVVhDSGNzbWxQNXFRZ3FpMHdaUSUyRlRqY1ZCOVZUR1pIUkJDbTd0ZDhZalJMUTh5ZTVGdm5PRG14a2F6Qjh6UGNGcyUyRmtiYjl5UFoyNGxWTE9uJTJCcFdXS1VCZ3ZHWUp5Z1RSS0llaWclM0Q
.ads.pubmatic.com/	1970-01-20 19:06:44	Name: KCCH Value: YES
.casalemedia.com/	1970-01-21 03:50:53	Name: CMID Value: ZfFg9VVbLVsAAFLzAPkZUAAA
.casalemedia.com/	1970-01-20 21:14:53	Name: CMPS Value: 5177
.casalemedia.com/	1970-01-20 21:14:53	Name: CMPRO Value: 5177
.creativecdn.com/	1970-01-21 03:50:53	Name: g Value: BnfDInkbsminMsWkuZcS_1710317813288
.creativecdn.com/	1970-01-21 03:50:53	Name: ts Value: 1710317813
.adsby.bidtheatre.com/	1970-01-20 19:15:22	Name: __kuid Value: 88af89c4-e223-4a5b-b13f-3a90229d5954.479531813
.amazon-adsystem.com/	1970-01-20 23:56:10	Name: ad-id Value: A9NcLB1j1UvBkAmJQVKcBKE\|t

67 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://metrozone.newsroomlabs.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

453f0adad4292390abc7e8be3c852b7d.safeframe.googlesyndication.com
ads.pubmatic.com
b1sync.zemanta.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.ampproject.org
cdn.indexww.com
cloudinary-res-news.isappcloud.com
cm.g.doubleclick.net
creativecdn.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.isappcloud.com
image6.pubmatic.com
js-sec.indexww.com
log.outbrainimg.com
match.adsby.bidtheatre.com
match.adsrvr.org
metrozone.newsroomlabs.com
mug.criteo.com
mv.outbrain.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
platform.twitter.com
rock.defybrick.com
rtb.openx.net
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
syndication.twitter.com
t-mobile-d.openx.net
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google.com
www.instagram.com
104.18.38.76
104.244.42.136
108.138.6.136
142.250.185.226
146.75.118.132
172.64.151.101
178.250.1.8
184.30.22.30
185.184.8.90
185.64.189.112
185.64.190.78
188.166.17.21
199.232.188.157
23.35.236.201
23.35.237.86
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2359:a400:8:787e:6600:93a1
2600:9000:2359:ce00:8:787e:6600:93a1
2600:9000:266e:e400:1a:ba5c:3900:93a1
2600:9000:2670:e00:e:22cc:ba40:93a1
2602:803:c003:200::21
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2004
2a00:1450:4001:831::200e
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f277:e2:face:b00c:0:4420
3.161.82.109
3.229.253.235
34.102.146.192
34.120.107.143
34.98.64.218
35.227.252.103
35.71.131.137
52.46.128.147
64.202.112.31
69.173.144.138
95.101.197.152
03bf62c25af0745def54bf068bf16a29608f6d7aafbb89092968405450263211
050516f819b983f93b77865f62505bc2f2ccb7baa6577d8759dabe9d7d471c40
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925b072d9560bf4b2e77b00b1bb6ebf7ae82d6acb715cea186a1894437b2503
0a2d698fbd56aa12494760b3da09ab28e2e3519d5652482d82dfc6b3a451fc23
0afdd055573d02ec33ed9ccfd582c5aa34d4d997ff549742e67f6a4c566d466a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8dda4668a8ae21b56ff15e7af22a31861c9019403ab71a13ca0c91c5ff86a4
0db0c6b0fa609e2d64cd4a065f652828236be1730861409986f2a74566dc0b8a
0df16d028898985f58f84697f5f9c9f485c6ba493763f3389482b5e8e524520b
12940050936a155b6ce63dba4c41cc026fbe46f3fd3fe3f1175844ee463c724d
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1ab08df8c5b37463544b248ea9a17055b7056368d62fca8a10cfd24bb8e6aad6
1ec3f51275e9591ecc8a2cc293de405e036b86192cef5c919c1ae19a9b5fb3c7
2221a4b81836d8bf84712d52c6466728d7e4568ce98d025aa980d77d31b3cc32
248784887beb23f2068b5be2544c7fe1c45899ea81afe0cd2dd721309a8a6068
2770e2403192a7b11afe55d92fcda866ca008ff7e05e08ea98e8da20ece4b6d7
295d7473b781bfcb15850b272fed14bb83fc8b905c7024beef6a0b70cc710b9c
2a96db7ee1bd0c18c1e91435631bd2480d0daa40d15fe1c54bb32a9bf7c63275
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
314f8a4676f975ee7e90bd2625914b0a7df311c6abcf0d28d0dfddc13a109fac
316e06cbd89cfc40a70b1d2589e40e6c5c4178a081c47f107ed183ba6830a45a
34b5a3fbf7a2dde1d17d47f3a3eccbd91af80bf3f9522c4ba7684017dabaacdf
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566
3d7926c8fec225489dfe91194e02e19cebf40967066d721d65fd4902be7b5bb3
4126f945551b69971aaf3f22669e5353891f0e92f4025ee140b14ba6c13656c9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
525b01cfa3328144f2bc6d75fd27d283645cca366babec0ee7bc9ac17d0f4900
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5731773ed1b683c34fd2ed41782825eec374ddd3ccf0886766d7f9437ad9c933
57c1d1b1b0b9057e20276bead208fa9c95048bfce328b24c73c15d0c0e158e5d
581aa07132428decbcae9bb15ab0ccebb155e166bd875630ed5707c3a7bf1e32
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
63a442077f326c67c8f1b9c4f3540d6ea7c3abf1859f9ec02743fe0c7e1da212
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
669b5c194e7ef49392ed930f8df70a89a06314216918df2381e585ad778aa979
67f4e9f61bbe8ecd0002f913c8ffb29a9f2f91ea18633fd0330adb8abb25c98a
6a6187838cc4af1fd500f6de6c5dc5b10af97a8db371ffd1feca4981e28a149a
6ae622d626fd0747d65683af177ca44ec691e7e814cbcd9d61164cca7086bcaa
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7a95f3fadf0ff141457f7906971b6f69517ad89e4026a99cbe8aed26d7968058
7e07a70eac30fe0f3576e82610fbb17a8341d8e24c8fcf7bf9deac39228dbf0d
7f3c9de480637ef61b17c607a53383cd2a7adc0597173a4f9719ebd1b0aa1cad
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
800978a1820e669fb9b0f32635d3f406bfc72938ec55d49416c530f4d7d70353
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
95554499208d8d1437d11101adbbf85c4f3c732c8671017cda711c6141fc81a1
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b33d5b038699ec388a49e45acd491c655a2c528a9959528df68512f91274cee
9b8d5e11fdb96e1f3c58470db7a866215014efffffb7fbc7fdce1ef11d7e9c73
9ba91a203ceafe1105964ae9e488de01925218f68aebad43b1da67ff5c818599
a39628d1ee3071b6e80cca462901f141cabc1cba4be6138459fc1d21f4b9b85d
afe79b3e8c6c1ff6bc686c28dfd4af87e415c108fd61d6646731bc6a71261192
b0c4709b8d3161c18595e7b120a8411d4c1d9c54785a179d6656a13a38948964
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
bf53909b8605b2d5ee24f7be4d31bd4bb964ae07eed251e74ddb7afec5fdf884
c0249d23c8dc6ec5813adfd7adc54c69ea4ba84b7152491854fab008a1886ed9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33c85bb7e8ea6704ef98681dffcd470a6839fd7ace590aa63c3ea5363a394a7
c4ffba6da17e0654b107030682d09fd08c27bdb875f446870e3e3a2df1ef9dcf
c861dd92be984fe498ece34c0f3c921861ac51bfee50323fcae21231abf7a82b
c8f0b3e51ff33242db4bc23537ca8394feff6e8d663fb69b0441b8a44de73619
cbf6ee11b4dc9fce4e7a0e68c509a883ad3dc18779ed25d8c22eb7f2cec45ea4
cd47bb00e0409067a9d46033138da49d97e7d6ce25ca00e797029f8715712754
cd565ca51eac00aa6620ad361e04629d77f1cfab12ef258596120c3b817a1a69
ce47427144e79f3f694847b7add6be76adf15a5a73f6c7b8037c722635f4612b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0fbce3bdbb712cd0263a11f2981a9b8cc5579479b68feb702d4f697fe5e50e9
d20c4f63b10de80373fddffea89d5b43ecbb834f9f82f6607e5e74000e018b82
d84b23f74ae06957fe0e03eb3fcb5ad315223152c33d53837febea039c98544d
dac1f312f1ea2c3ea6fcc90ede0317083a4c59be18a244eca869fc9d037f420f
dd1b634d3507b3a0427355bc92ac6a973a1b10e98a15527db0985b900b62513c
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e0d68d62e37f17af59db6f0f115cdaae593e27d7ec3ec40dbb5e66310e66e546
e38b04c540667e616f58877d8437652c56f03b00d0ad88866a4de746d6cc0554
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
ebabe313f704dfee2c57962abb10e4b6342b1c78622796f59ad8175ff9cf160a
ecd6e21eb20a0e1f017f20f36648190d6c7f6a09f833753be13d4c693a420da2
ecf87714b1104759439fae043deddf44f536e33195752e242f8115c8f30cf480
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18bbec027439d196d6118e8edbe2cea55923342319f49d7057318f5e56edb95
f35b5162d80d8118257c8076aa3316285c3efb8aa7f580aafdf8563ab9d51383
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4
f47a2ec0a22aa3f4d5a6ea148dfec9114dec408a2968614e7bda8329839e297e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fdb4c07f55ff9e8be7c1dd23ef361d129a0a24a47a312c8e006cbc7a0b1ec4f6
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

metrozone.newsroomlabs.com Open in urlscan Pro 2600:9000:2359:ce00:8:787e:6600:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

131 Requests

94 %HTTPS

40 %IPv6

27 Domains

50 Subdomains

41 IPs

6 Countries

1598 kBTransfer

4428 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

metrozone.newsroomlabs.com Open in urlscan Pro
2600:9000:2359:ce00:8:787e:6600:93a1 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

94 %
HTTPS

40 %
IPv6

27
Domains

50
Subdomains

41
IPs

6
Countries

1598 kB
Transfer

4428 kB
Size

17
Cookies

131 HTTP transactions
1 data transactions