urlscan.io logo urlscan.io
SecurityTrails logo

metrolagu.click Open in urlscan Pro
209.145.58.114  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ozy.one/
Effective URL: https://metrolagu.click/
Submission: On September 14 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 31 HTTP transactions. The main IP is 209.145.58.114, located in Plano, United States and belongs to CONTABO, US. The main domain is metrolagu.click.
TLS certificate: Issued by R3 on September 6th 2022. Valid for: 3 months.
This is the only time metrolagu.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3035::ac43:bd7c (United States)

ASN13335 (CLOUDFLARENET, US)
ozy.one
4    209.145.58.114 (Plano, United States)

ASN40021 (CONTABO, US)
PTR: vmi962169.contaboserver.net
metrolagu.click
2    2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)
waitheja.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
16    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
Apex Domain
Subdomains		 Transfer
16 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
249 KB
5 imgur.com
i.imgur.com — Cisco Umbrella Rank: 4706
42 KB
4 metrolagu.click
metrolagu.click
269 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
54 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 120
2 KB
2 ozy.one
ozy.one
1 KB
1 gstatic.com
fonts.gstatic.com
17 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 355
44 KB
1 waitheja.net
waitheja.net
357 B
31 9
Domain Requested by
16 i.ytimg.com metrolagu.click
5 i.imgur.com metrolagu.click
4 metrolagu.click 1 redirects metrolagu.click
2 www.youtube.com metrolagu.click
www.youtube.com
2 fonts.googleapis.com metrolagu.click
2 ozy.one 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cdnjs.cloudflare.com metrolagu.click
1 waitheja.net metrolagu.click
31 9

This site contains links to these domains. Also see Links.

Domain
albums.work
stafaband.ozy.one
Subject Issuer Validity Valid
www.metrolagu.click
R3		 2022-09-06 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
waitheja.net
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://metrolagu.click/
Frame ID: FED01B21EDD742618A9134EB0754CC68
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

METROLAGU - Download MP3 Music Free

Page URL History Show full URLs

  1. http://ozy.one/ HTTP 301
    https://ozy.one/ HTTP 301
    http://metrolagu.click/ HTTP 301
    https://metrolagu.click/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

677 kB
Transfer

1236 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ozy.one/ HTTP 301
    https://ozy.one/ HTTP 301
    http://metrolagu.click/ HTTP 301
    https://metrolagu.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
metrolagu.click/
Redirect Chain
  • http://ozy.one/
  • https://ozy.one/
  • http://metrolagu.click/
  • https://metrolagu.click/
44 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.145.58.114 Plano, United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi962169.contaboserver.net
Software
nginx /
Resource Hash
3e76521a0516896e710f1815b2a50ae769fb6592299270fb060d57557a5e0444
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Sep 2022 07:10:01 GMT
server
nginx
strict-transport-security
max-age=31536000 max-age=31536000
vary
Accept-Encoding
x-cache
HIT

Redirect headers

Cache-Control
max-age=0, no-cache
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 14 Sep 2022 07:10:01 GMT
Location
https://metrolagu.click/
Server
nginx
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
X-Page-Speed
1.13.35.2-0
css
fonts.googleapis.com/ 		702 B
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fjalla+One:400,600,300&display:swap
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ba967e544d06616196f49d15433f600b48224f12b4305e87f07138d194b3dc8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 07:10:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 07:10:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 07:10:01 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,300&display:swap
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 06:26:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 14 Sep 2022 07:10:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Sep 2022 07:10:01 GMT
sydplqq.png
i.imgur.com/ 		111 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/sydplqq.png
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
243dd6e92a47b78c9a201caff1260f0f24c2b766c21d320dd7e04fae71c2238c
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
706921
x-cache
HIT, HIT
content-length
111
x-served-by
cache-iad-kiad7000103-IAD, cache-hhn4028-HHN
last-modified
Tue, 06 Sep 2022 02:47:58 GMT
server
cat factory 1.0
x-timer
S1663139402.022868,VS0,VE1
etag
"7cda59e5e1275c294aee0817728cc417"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
quv5PNl.png
i.imgur.com/ 		129 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/quv5PNl.png
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
e2c075b81c59f59ad1e0ebeaa5cc378469e286fb67371b6de206f695ab0e42f3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
3015407
x-cache
HIT, HIT
content-length
129
x-served-by
cache-iad-kjyo7100100-IAD, cache-hhn4028-HHN
last-modified
Mon, 25 Jul 2022 09:55:13 GMT
server
cat factory 1.0
x-timer
S1663139402.023574,VS0,VE1
etag
"0ec30fa0a052639a925e65b2ec9daf82"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
CLgXF3C.png
i.imgur.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/CLgXF3C.png
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fd4819d885b83f5f411a1ab63e6b85a3ac563796e96b402a6d80fa126ba8811e
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
1289145
x-cache
HIT, HIT
content-length
26738
x-served-by
cache-iad-kiad7000174-IAD, cache-hhn4028-HHN
last-modified
Fri, 29 Jul 2022 20:19:12 GMT
server
cat factory 1.0
x-timer
S1663139402.023582,VS0,VE1
etag
"ddede18fdd6e5602e5fc9a0eebd87847"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
jquery.min.js
metrolagu.click/themes/metromp3/assets/ 		670 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://metrolagu.click/themes/metromp3/assets/jquery.min.js
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.145.58.114 Plano, United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi962169.contaboserver.net
Software
nginx /
Resource Hash
3316fc9298407315daf3d6bb87b34cf3e40c69662f92f4d1ca2748efd7255303

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:41:43 GMT
content-encoding
gzip
x-original-content-length
686452
server
nginx
etag
W/"63176a5b-a7974"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, no-transform
content-length
258965
expires
Fri, 14 Oct 2022 04:41:42 GMT
5367763
waitheja.net/400/ 		0
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://waitheja.net/400/5367763
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-trace-id
f486866f21d017f3b9e1d60a8c53c4db
pragma
no-cache
date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
strict-transport-security
max-age=1
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
o6hN38w.jpg
i.imgur.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/o6hN38w.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a3487729ac64dcb21150ff7e649c9ce9c72b7e4ee8b51cb09d30ff7ebb35350d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
2424246
x-cache
HIT, HIT
content-length
14483
x-served-by
cache-iad-kjyo7100110-IAD, cache-hhn4028-HHN
last-modified
Fri, 22 Jun 2018 22:34:37 GMT
server
cat factory 1.0
x-timer
S1663139402.023623,VS0,VE1
etag
"34e75e3237a62deb9883988d3b561754"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
fontawesome-webfont.woff
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.2/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.0.2/fonts/fontawesome-webfont.woff?v=4.0.2
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://metrolagu.click/
Origin
https://metrolagu.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1776412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44436
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-ad90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyiRcl7JuPdyiMZukrqW3ojrhFfpygVlEgW%2B9XGBHxGXO7riiATqy2Yv6%2FeTeTtXTzkjLErNCSMdrQsC1w%2B0QOZKThEm2HkmICzKiL7hIvxh2rKTk4UsYiMvRK6Ozu%2FMO90Kv2La3f53QICs%2BZy7Acr6"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74a74ceeabe8bb86-FRA
expires
Mon, 04 Sep 2023 07:10:02 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v13/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fjalla+One:400,600,300&display:swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://metrolagu.click
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 20:23:55 GMT
x-content-type-options
nosniff
age
470767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16588
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:38:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Sep 2023 20:23:55 GMT
logo-metro.png
metrolagu.click/themes/metromp3/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrolagu.click/themes/metromp3/images/logo-metro.png
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.145.58.114 Plano, United States, ASN40021 (CONTABO, US),
Reverse DNS
vmi962169.contaboserver.net
Software
nginx /
Resource Hash
a7cf5ecf18e26d77887a57f8d6a76e1bde6ec771bb88192678ac0dadc24fbbf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 04:41:43 GMT
server
nginx
etag
"63094a97-f8b"
content-type
image/png
cache-control
public, no-transform
accept-ranges
bytes
content-length
3979
expires
Thu, 14 Sep 2023 04:41:43 GMT
mqdefault.jpg
i.ytimg.com/vi/sYJ_t2MiJF0/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/sYJ_t2MiJF0/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d09c37d8c5796e4ffb14d1c82ecfa44debef133ef3180dc6351edb87daf086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 06:23:05 GMT
x-content-type-options
nosniff
age
2817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17613
x-xss-protection
0
server
sffe
etag
"1654484169"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 08:23:05 GMT
mqdefault.jpg
i.ytimg.com/vi/ZJdsoaQf1FQ/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ZJdsoaQf1FQ/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd0453b786f3ee8476ac1025c2953f1f84febc5b1bda4bde5d2fdc566666437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 06:46:24 GMT
x-content-type-options
nosniff
age
1418
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22517
x-xss-protection
0
server
sffe
etag
"1651376802"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 08:46:24 GMT
mqdefault.jpg
i.ytimg.com/vi/_Yi_Fk7N2BM/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/_Yi_Fk7N2BM/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c31f29af682800dd8c159f0db36478ce473995dc497a7106b36ca7710a9466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 06:48:12 GMT
x-content-type-options
nosniff
age
1310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11045
x-xss-protection
0
server
sffe
etag
"1661361400"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 08:48:12 GMT
mqdefault.jpg
i.ytimg.com/vi/8NQceh21kX8/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/8NQceh21kX8/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca98cd1a2b8404688c8fcaa183bc9fb8b9fac5998bbc079c9290c7d08920291c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17610
x-xss-protection
0
server
sffe
etag
"1659236048"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/3dNsVHBXo9g/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/3dNsVHBXo9g/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4dacd878b6f04fb94140a373a8562f198d487494fcd934c492c915d80c9fa7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14129
x-xss-protection
0
server
sffe
etag
"1658995088"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/wCgXOd9ek20/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/wCgXOd9ek20/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40f219a68dbbf6227f9504890bf84cb9c946c2cb98cc65832c1631b4d0ee5fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18349
x-xss-protection
0
server
sffe
etag
"1659100527"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/ShhCxBSpsg0/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ShhCxBSpsg0/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af431fdac7e17b18d40668f4473a0deafceb2ca055d1ce4b6cfb7bd27c3e766f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 05:13:39 GMT
x-content-type-options
nosniff
age
6983
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11238
x-xss-protection
0
server
sffe
etag
"1657797742"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 07:13:39 GMT
mqdefault.jpg
i.ytimg.com/vi/tM-shuyVlZE/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/tM-shuyVlZE/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7edc7934da135137e1f716512bb6e7515c66361cd9977c09a73b008cb5504bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14909
x-xss-protection
0
server
sffe
etag
"1653909900"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/rbd5uS0dLrI/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/rbd5uS0dLrI/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24addfd82703932b019afcd76b44f4e79fcbb205eef084d1b6cc874e2500ffb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13917
x-xss-protection
0
server
sffe
etag
"1654590279"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/NeLQfCdB-AE/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/NeLQfCdB-AE/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
116c07a1705cc8d954dcb4b5152458110998e47eda91786779cff176db903e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16992
x-xss-protection
0
server
sffe
etag
"1653986075"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/9HAtBsF3beo/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/9HAtBsF3beo/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
339ff65972ed57fa45a8ee9139813cd093aa7b74a09333cab39e52785d5f4445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 06:08:53 GMT
x-content-type-options
nosniff
age
3669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9618
x-xss-protection
0
server
sffe
etag
"1614238867"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 08:08:53 GMT
mqdefault.jpg
i.ytimg.com/vi/lXNc7tRWRbQ/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/lXNc7tRWRbQ/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3964ce1a6e4a3cae779cdc0f91325a711409262578642bf15a395f4ea9b63cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12392
x-xss-protection
0
server
sffe
etag
"1654156864"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/791S305DHZY/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/791S305DHZY/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b9194de342d00cef84b0e8cba20c025b00fbbda223e86553495fe3bf5f35327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22483
x-xss-protection
0
server
sffe
etag
"1651308180"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/LQMXM29AVWI/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/LQMXM29AVWI/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
937883fec82c9b404e8cba73c97e8c9fb2ca68b0cec1ba929a8a86d70671eb8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 06:01:39 GMT
x-content-type-options
nosniff
age
4103
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16405
x-xss-protection
0
server
sffe
etag
"1651297923"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 08:01:39 GMT
mqdefault.jpg
i.ytimg.com/vi/tpXC_X8Obqo/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/tpXC_X8Obqo/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde31efba070e9540744819c2f9ba567f0145328094318e87469010cac71b5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16886
x-xss-protection
0
server
sffe
etag
"1650739545"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
mqdefault.jpg
i.ytimg.com/vi/YGf4PA9dlCY/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/YGf4PA9dlCY/mqdefault.jpg
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eca761b4c0fab991f24bec04dddf0c250ae63fe7d770dde5981d7d45f13d5c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17317
x-xss-protection
0
server
sffe
etag
"1650758524"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Sep 2022 09:10:02 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/themes/metromp3/assets/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
647b8b6d59c5e8651c2691c6d855d681c46f3fe200924bd395c7d1a3e220c0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 14 Sep 2022 07:10:02 GMT
nF8S99K.png
i.imgur.com/ 		86 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/nF8S99K.png
Requested by
Host: metrolagu.click
URL: https://metrolagu.click/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f79983d71457763f2b1d13b6e22f53f3792849034cccf77800b8f205e636f356
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 07:10:02 GMT
x-content-type-options
nosniff
age
2492211
x-cache
HIT, HIT
content-length
86
x-served-by
cache-iad-kjyo7100163-IAD, cache-hhn4028-HHN
last-modified
Thu, 03 Aug 2017 05:20:23 GMT
server
cat factory 1.0
x-timer
S1663139403.791881,VS0,VE1
etag
"a897a61171f3fb031c361f24851122b0"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
www-widgetapi.js
www.youtube.com/s/player/92f199c8/www-widgetapi.vflset/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/92f199c8/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23537cbe05f530af5bd6798be33c55ee2d7964e4eda722ee62d180d0faf62a37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metrolagu.click/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 03:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
14959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53483
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 00:15:49 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 14 Sep 2023 03:00:43 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _0x5cd9 function| ls function| lazyload function| LazyLoad object| mybutton function| scrollFunction function| topFunction function| _0x37704f function| _0x5d0a55 function| _0x3d6917 function| _0x5b8e88 function| _0xacdf71 function| _0x1871ef function| _0x3c684b object| el number| volumen string| calidad string| idt function| _0x4e7d1b object| tag object| firstScriptTag function| _0x4528 undefined| intervalo object| youtube function| reverseString function| ro function| _0x354d88 function| inicio_play function| onYouTubePlayerAPIReady object| Player number| err function| onPlayerStateChange function| onPlayerReady function| new_play function| time_set function| ValidURL undefined| timeout function| onPlay function| onPause function| play function| pause function| siguiente function| _0x2a35 string| dom function| _0x798aa1 string| ex function| gd function| autoComplete function| _0x4309f2 function| jsonp_call function| _0x539687 function| _0x10ae71 function| $ function| jQuery object| sound object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

3 Cookies

Domain/Path Name / Value
metrolagu.click/ Name: X_CACHE_KEY
Value: c69364f1bd25ad9a60fe6dbb133cea57
.youtube.com/ Name: YSC
Value: 9nQsw1qrzHI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: n93FqIv8SfM

1 Console Messages

Source Level URL
Text
security error URL: https://metrolagu.click/
Message:
Refused to execute script from 'https://waitheja.net/400/5367763' because its MIME type ('') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
i.ytimg.com
metrolagu.click
ozy.one
waitheja.net
www.youtube.com
139.45.197.236
151.101.112.193
209.145.58.114
2606:4700:3035::ac43:bd7c
2606:4700::6811:190e
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:82b::2003
2a00:1450:400e:80f::200a
03d09c37d8c5796e4ffb14d1c82ecfa44debef133ef3180dc6351edb87daf086
116c07a1705cc8d954dcb4b5152458110998e47eda91786779cff176db903e06
1eca761b4c0fab991f24bec04dddf0c250ae63fe7d770dde5981d7d45f13d5c4
23537cbe05f530af5bd6798be33c55ee2d7964e4eda722ee62d180d0faf62a37
243dd6e92a47b78c9a201caff1260f0f24c2b766c21d320dd7e04fae71c2238c
24addfd82703932b019afcd76b44f4e79fcbb205eef084d1b6cc874e2500ffb0
3316fc9298407315daf3d6bb87b34cf3e40c69662f92f4d1ca2748efd7255303
339ff65972ed57fa45a8ee9139813cd093aa7b74a09333cab39e52785d5f4445
3e76521a0516896e710f1815b2a50ae769fb6592299270fb060d57557a5e0444
40f219a68dbbf6227f9504890bf84cb9c946c2cb98cc65832c1631b4d0ee5fea
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
5b9194de342d00cef84b0e8cba20c025b00fbbda223e86553495fe3bf5f35327
647b8b6d59c5e8651c2691c6d855d681c46f3fe200924bd395c7d1a3e220c0f0
73c31f29af682800dd8c159f0db36478ce473995dc497a7106b36ca7710a9466
7edc7934da135137e1f716512bb6e7515c66361cd9977c09a73b008cb5504bd6
937883fec82c9b404e8cba73c97e8c9fb2ca68b0cec1ba929a8a86d70671eb8b
a3487729ac64dcb21150ff7e649c9ce9c72b7e4ee8b51cb09d30ff7ebb35350d
a7cf5ecf18e26d77887a57f8d6a76e1bde6ec771bb88192678ac0dadc24fbbf2
af431fdac7e17b18d40668f4473a0deafceb2ca055d1ce4b6cfb7bd27c3e766f
b31e176c04f24fabc3791db04c971a4e57151283b09bab71b730599cd6acc102
b4dacd878b6f04fb94140a373a8562f198d487494fcd934c492c915d80c9fa7d
ba967e544d06616196f49d15433f600b48224f12b4305e87f07138d194b3dc8f
c3964ce1a6e4a3cae779cdc0f91325a711409262578642bf15a395f4ea9b63cd
ca98cd1a2b8404688c8fcaa183bc9fb8b9fac5998bbc079c9290c7d08920291c
cde31efba070e9540744819c2f9ba567f0145328094318e87469010cac71b5cb
cfdcbbbafe5f910c243c4e87bbbc98934f1531814fd140f2bdff38ea5ab62ac7
e2c075b81c59f59ad1e0ebeaa5cc378469e286fb67371b6de206f695ab0e42f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f79983d71457763f2b1d13b6e22f53f3792849034cccf77800b8f205e636f356
fd4819d885b83f5f411a1ab63e6b85a3ac563796e96b402a6d80fa126ba8811e
ffd0453b786f3ee8476ac1025c2953f1f84febc5b1bda4bde5d2fdc566666437