80.72.1.78 Open in urlscan Pro
80.72.1.78 Public Scan

URL:
http://80.72.1.78/
Submission: On May 09 via manual (May 9th 2020, 3:41:21 am UTC) from SE

Summary HTTP 85 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 26 domains to perform 85 HTTP transactions. The main IP is 80.72.1.78, located in Solna, Sweden and belongs to DCSTO-AS, SE. The main domain is 80.72.1.78.

This is the only time 80.72.1.78 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	80.72.1.78 80.72.1.78	42622 (DCSTO-AS) (DCSTO-AS)
1 1	80.72.1.76 80.72.1.76	42622 (DCSTO-AS) (DCSTO-AS)
1	51.140.146.131 51.140.146.131	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.186.252.235 35.186.252.235	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::681b:ba02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
6 6	2606:4700:303... 2606:4700:3033::681b:991a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:939	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	176.9.67.12 176.9.67.12	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:20:... 2606:4700:20::681a:244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:20:... 2606:4700:20::681a:be3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
5	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
2	40.113.142.219 40.113.142.219	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
2	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
8	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
3	2606:2800:233... 2606:2800:233:d84b:39e5:dbd4:25cd:99d9	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
2 3	152.199.22.2 152.199.22.2	15133 (EDGECAST) (EDGECAST)
2 2	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
3	185.64.189.244 185.64.189.244	62713 (AS-PUBMATIC) (AS-PUBMATIC)
85	32

12 80.72.1.78 (Solna, Sweden)

ASN42622 (DCSTO-AS, SE)
PTR: c80-72-1-78.g30.se

80.72.1.78	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.72.1.76 (Solna, Sweden) 1 redirects

ASN42622 (DCSTO-AS, SE)
PTR: c80-72-1-76.g30.se

inviso.rampanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.146.131 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.252.235 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 235.252.186.35.bc.googleusercontent.com

d.suntcontent.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681b:ba02 (United States)

ASN13335 (CLOUDFLARENET, US)

cloud.custosgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::681b:991a (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

static.metro.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:939 (United States)

ASN13335 (CLOUDFLARENET, US)

metromode.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.67.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.67.9.176.clients.your-server.de

pp.lp4.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:244 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.codigo.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:be3 (United States)

ASN13335 (CLOUDFLARENET, US)

c.suntcontent.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.113.142.219 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

trafficgateway.research-int.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:2800:233:d84b:39e5:dbd4:25cd:99d9 (United States)

ASN15133 (EDGECAST, US)

aka-cdn.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.22.2 (United States) 2 redirects

ASN15133 (EDGECAST, US)

adserver.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States) 2 redirects

ASN15133 (EDGECAST, US)

adserver-eu.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.244 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	479 KB
10	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com t.pubmatic.com	71 KB
6	adtech.de 2 redirects aka-cdn.adtech.de adserver.adtech.de	23 KB
6	metromode.se metromode.se
6	metro.se 6 redirects static.metro.se	616 B
5	doubleclick.net securepubads.g.doubleclick.net	100 KB
5	googletagservices.com www.googletagservices.com	126 KB
5	suntcontent.se 1 redirects d.suntcontent.se c.suntcontent.se	22 KB
3	rubiconproject.com fastlane.rubiconproject.com eus.rubiconproject.com	3 KB
3	google-analytics.com www.google-analytics.com	43 KB
2	advertising.com 2 redirects adserver-eu.adtech.advertising.com	781 B
2	nr-data.net bam.nr-data.net	451 B
2	facebook.com www.facebook.com	345 B
2	adform.net adx.adform.net	1 KB
2	research-int.se trafficgateway.research-int.se	503 B
2	facebook.net connect.facebook.net	151 KB
1	newrelic.com js-agent.newrelic.com	10 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	codigo.se analytics.codigo.se	5 KB
1	lp4.io pp.lp4.io
1	custosgroup.com cloud.custosgroup.com
1	googletagmanager.com www.googletagmanager.com	27 KB
1	cintnetworks.com c.cintnetworks.com	257 B
1	rampanel.com 1 redirects inviso.rampanel.com	444 B
85	26

	Domain	Requested by
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	metromode.se	80.72.1.78
6	static.metro.se	6 redirects
5	pagead2.googlesyndication.com	80.72.1.78
5	securepubads.g.doubleclick.net	www.googletagservices.com 80.72.1.78
5	www.googletagservices.com	80.72.1.78 securepubads.g.doubleclick.net
4	ads.pubmatic.com	80.72.1.78 ads.pubmatic.com
3	t.pubmatic.com	80.72.1.78
3	adserver.adtech.de	2 redirects 80.72.1.78
3	aka-cdn.adtech.de	securepubads.g.doubleclick.net aka-cdn.adtech.de 80.72.1.78
3	hbopenbid.pubmatic.com	80.72.1.78
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com 80.72.1.78
3	d.suntcontent.se	1 redirects 80.72.1.78 c.suntcontent.se
2	adserver-eu.adtech.advertising.com	2 redirects
2	bam.nr-data.net	js-agent.newrelic.com 80.72.1.78
2	www.facebook.com	80.72.1.78
2	fastlane.rubiconproject.com	80.72.1.78
2	adx.adform.net	80.72.1.78
2	trafficgateway.research-int.se	analytics.codigo.se 80.72.1.78
2	c.suntcontent.se	d.suntcontent.se c.suntcontent.se
2	connect.facebook.net	80.72.1.78 connect.facebook.net
1	js-agent.newrelic.com	80.72.1.78
1	eus.rubiconproject.com	ads.pubmatic.com
1	cdn.jsdelivr.net	80.72.1.78
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	analytics.codigo.se	80.72.1.78
1	pp.lp4.io	www.googletagmanager.com
1	cloud.custosgroup.com	80.72.1.78
1	www.googletagmanager.com	80.72.1.78
1	c.cintnetworks.com	80.72.1.78
1	inviso.rampanel.com	1 redirects
85	32

This site contains links to these domains. Also see Links.

Domain
www.metroevents.se
www.metro.se
metrobusiness.se
metromode.se
metrojobb.se
www.studentkortet.se
www.instagram.com
twitter.com
www.facebook.com
metromediahouse.se
www.metrojobb.se
sthesa.com

Subject Issuer	Validity	Valid
*.cintnetworks.com DigiCert SHA2 Secure Server CA	`2018-08-08` - `2020-10-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.suntcontent.se Thawte TLS RSA CA G1	`2019-08-15` - `2020-09-13`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
trafficgateway.research-int.se Go Daddy Secure Certificate Authority - G2	`2019-07-29` - `2020-09-26`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-06` - `2021-05-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
aka-cdn.adtech.de DigiCert SHA2 Secure Server CA	`2020-04-17` - `2022-05-18`	2 years	crt.sh
*.adtech.de GeoTrust RSA CA 2018	`2019-08-07` - `2021-08-07`	2 years	crt.sh

This page contains 10 frames:

Primary Page: http://80.72.1.78/
Frame ID: EE7410C2F2EA83937DD87F79D3C7B1D6
Requests: 60 HTTP requests in this frame

Frame: https://cloud.custosgroup.com/m/landing/
Frame ID: D7EDEF9BF43F2BAA99FA2AECE1DDA151
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 95B06883662807E527E1848A4CE10FB0
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7C161432D332513FC354C30EDFE8C977
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 682129943427D45ECA07EE1F30DB239C
Requests: 1 HTTP requests in this frame

Frame: http://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 283F979B423439951E0A54F4B7A634F0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstacVqc-PJrdEqc8sE-j0eDr80zxige5f6ERu8wO1GvjdPYqnV4qk5REwZ01RehPh11diwGq2zF6eHs1poKwN-zGlCMqnz7_PEDP2sG9Jx9fayoGiHNoGck-0kIzCBfSPvgS2inRpobPz3j6m5znKf0mLE_ZWuTq0NxMtYokGXqNSbFWQSvN8lD-5125vgY1Z6r1PYPnyIhKxeFZIb-Sq-kTq-hlk1m17s_r2bEbP3r9tXkzfWbERZBhkQXExY08kipx9lrwQkQ&sai=AMfl-YTTc6ioAInGMOg0Og_WXjthjUHi7YEwScD5Fh7tZo_E7RtvMZMZG41N18sX-CSYlVMwbfHXNS0QfMQzwafGtAkYtMHRwPe4B5GS8IU0Vw&sig=Cg0ArKJSzMsfApvf6x7mEAE&urlfix=1&adurl=
Frame ID: 372AD7103053387C503FF312DF0C3D02
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8KLAcPPvCmhK-Sz5216Z53ove35aG_R31_snE2HlbJmpnF9sKJvAaURSftd5FGTqtqhlqcU4ZH43RkbX29_Izp5qxfHx1oe_AKZsf3k9ZAiChwOskUp_MniOP5KrXUYr5_7D7NexyG2IbspdQiqgO4TJqZM9vC3Mt1C9eHus8VuyEgkVcbfnaM4dHeFXBPtH0Kg0AaPjO5tJxYQXFZLKAMRYGfSSKoGjzS84ZWFG-EicBbdDQ7jOSuXd9fiiyzufnGTKl2376nwjHdw&sai=AMfl-YSKQ6GGMeZux45atTZT4rlxX80rLCkelj-pjPJQAEnpmIsp6hN5TdA3qWVZe8u_Z-2r1vE8bRg07B6pQBTHI4c11RfRZ7Ksw-48uxzvSQ&sig=Cg0ArKJSzCFvuOV8s1SCEAE&adurl=
Frame ID: BA46EA99410A7D25C3278E213053820F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwKbEk40q1VlGd0Z6gMf0WrEvMLAfd3fZALr7a-LpOXbEilfcptl9RWHhouHEKOO_q8q8VMuOX9t6LEAQkIaM8KgkSOgH5VFGnFiX9Q4TQ6a-3LkU_i8K574kVHmMfSmpeYbLTGkzqKw6R9z-mcEUfPx4t-Gkj9dJ1wtwe7yKnwROmAlGx1qKLZXj2B6uhL_qou4vXpV1gjzl-R523Z9Q9l1GWLFzmnrlc4MZ45ccWyqDDy8mw-4-K4owvb90bkpBz5sh3gYWjparvQjNF&sai=AMfl-YS_rpPJ1V_nj5XGiWf4l9eYcjCFsqoyBfwPk0XJ-MB1y9wzNMrtLkYl-YkrXldKxnD0Bcu6sIBdufBHcmaGDxJgRmjUZGQa4cd0ObjZKQ&sig=Cg0ArKJSzDlzzdRgTi75EAE&adurl=
Frame ID: 25ABDBD7F76AA9124156D7D74127D5C0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: BBE7C9332C917676B0D32011EA8A04F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

85
Requests

65 %
HTTPS

53 %
IPv6

26
Domains

32
Subdomains

32
IPs

8
Countries

1887 kB
Transfer

3183 kB
Size

0
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.metroevents.se/
Title: Metro Events

Search URL Search Domain Scan URL

URL: https://www.metro.se/anna-suvanna-davidsson
Title: Anna Suvanna Davidsson

Search URL Search Domain Scan URL

URL: https://www.metro.se/nisse-edwall
Title: Nisse Edwall

Search URL Search Domain Scan URL

URL: http://metrobusiness.se/
Title: annonsera

Search URL Search Domain Scan URL

URL: http://metromode.se/
Title: metro mode

Search URL Search Domain Scan URL

URL: http://metrojobb.se/
Title: metrojobb

Search URL Search Domain Scan URL

URL: http://www.studentkortet.se/
Title: studentkortet

Search URL Search Domain Scan URL

URL: https://www.instagram.com/metromediahouse/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/metrosverige
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MetroSverige
Title:

Search URL Search Domain Scan URL

URL: http://metromediahouse.se/
Title: Annonsera

Search URL Search Domain Scan URL

URL: https://www.metrojobb.se/
Title: Metrojobb

Search URL Search Domain Scan URL

URL: https://www.metrojobb.se/rekrytering/produkterochpriser
Title: Metrojobb Rekrytering

Search URL Search Domain Scan URL

URL: https://sthesa.com/
Title: Stockhom Esport Awads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://inviso.rampanel.com/ram/Inviso?i=16883&c=81&n=raminviso&cg=1&r=1&rdir=1 HTTP 302
https://c.cintnetworks.com/?a=43&i=16883&e=1&c=1&c0=&c1=&c2=&c3=&c4=&c5=&c6=&c7=&c8=&c9=

Request Chain 5

http://d.suntcontent.se/d/init HTTP 302
https://d.suntcontent.se/cds/delivery/init

Request Chain 16

https://static.metro.se/3d2/391/horoskop-MEDIUM.png HTTP 302
https://metromode.se/

Request Chain 17

https://static.metro.se/27f/e28/25.H1MJ9G-SMALL.jpg HTTP 302
https://metromode.se/

Request Chain 31

https://static.metro.se/10e/9c5/horoskopet1-SMALL.jpg HTTP 302
https://metromode.se/

Request Chain 45

https://static.metro.se/6ce/45a/25.HDG094-MEDIUM.jpg HTTP 302
https://metromode.se/

Request Chain 46

https://static.metro.se/ab3/7be/25.H1PW3B-SMALL.jpg HTTP 302
https://metromode.se/

Request Chain 77

https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568 HTTP 302
https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568 HTTP 302
https://adserver-eu.adtech.advertising.com/addyn/3.0/1568.1/6622024/0/-1/ADTECH;rdhost=adserver.adtech.de;cfp=1;rndc=1588995639;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568 HTTP 302
https://adserver-eu.adtech.advertising.com/addyn/3.0/1568.1/6622024/0/-1/ADTECH;rdhost=adserver.adtech.de;cfp=2;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568 HTTP 302
https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;apid=1Adaae6d44-91a6-11ea-bd34-02c0f9e2ad96;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568

Request Chain 78

https://static.metro.se/a3e/bf6/25.H2YH79-1-MEDIUM.jpg HTTP 302
https://metromode.se/

85 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request / Show response
80.72.1.78/ 99 KB
99 KB 77ms
63ms Document
text/html 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 398123c7880f2bc3d84b5557866e5dc156b4b6bd4033cb5d9180730d668dd439

Request headers

Host: 80.72.1.78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:37 GMT
Server: Apache
Content-Type: text/html;charset=UTF-8
Content-Language: sv-SE
Cache-Control: max-age=0
Expires: Sat, 09 May 2020 03:40:38 GMT
Keep-Alive: timeout=15
Connection: Keep-Alive
Transfer-Encoding: chunked

GET
H/1.1 200 critical-6e93d240cf.css
80.72.1.78/css/ 65 KB
65 KB 76ms
63ms Stylesheet
text/css 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/css/critical-6e93d240cf.css
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 1e823ea8b1b1041bcc7bcbbf943f65385027feb817d33e9360bb4d1249440542

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: text/css
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 66739
Expires: Sat, 09 May 2020 03:40:38 GMT

GET
H/1.1 200 main-3b583dccc2.js Show response
80.72.1.78/js/ 229 KB
229 KB 40ms
39ms Script
application/javascript 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/js/main-3b583dccc2.js
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 93e0e37bb0ca3d966cb1b7e5c982b893cf32f3240d7b351fecb707f49952b526

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:36:53 GMT
Server: Apache
Content-Type: application/javascript
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 234164
Expires: Sat, 09 May 2020 03:40:38 GMT

GET
H/1.1

204
No Content

/
c.cintnetworks.com/
Redirect Chain

https://inviso.rampanel.com/ram/Inviso?i=16883&c=81&n=raminviso&cg=1&r=1&rdir=1
https://c.cintnetworks.com/?a=43&i=16883&e=1&c=1&c0=&c1=&c2=&c3=&c4=&c5=&c6=&c7=&c8=&c9=

0
257 B

168ms
25ms

Image
text/plain

51.140.146.131
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/?a=43&i=16883&e=1&c=1&c0=&c1=&c2=&c3=&c4=&c5=&c6=&c7=&c8=&c9=
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.146.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:38 GMT
Arr-Disable-Session-Affinity: true
Cache-Control: no-cache, no-store, must-revalidate
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

Redirect headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:39 GMT
Server: nginx/1.16.1
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Location: https://c.cintnetworks.com/?a=43&i=16883&e=1&c=1&c0=&c1=&c2=&c3=&c4=&c5=&c6=&c7=&c8=&c9=
Cache-control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
27 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5NK5B

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a0a1ca7c132a8ed0e135f9ac05ccebb6dba33a1e6d3134f89caf98fb071f22d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27859
x-xss-protection: 0
last-modified: Sat, 09 May 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156491/428/ 226 KB
70 KB 48ms
33ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/pwt/156491/428/pwt.js
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: afffaeac29d2c8aa26bbc636071c198b22c7b093cbf019877ab27e9a5f47bcec

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jun 2019 08:26:46 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "13e0afe-38995-58ba8fd7a7e24"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=55110
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 70840
Expires: Sat, 09 May 2020 18:59:09 GMT

GET
H2

200

init Show response
d.suntcontent.se/cds/delivery/
Redirect Chain

http://d.suntcontent.se/d/init
https://d.suntcontent.se/cds/delivery/init

991 B
921 B

58ms
27ms

Script
text/javascript

35.186.252.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.suntcontent.se/cds/delivery/init
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.252.235 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.252.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 483d17474e0f62bb02628e8ac99eacf919e0b810918274e6ec2faa4d58ff9ca7

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: gzip
last-modified: Sat, 09 May 2020 03:40:39 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="This is not a p3p policy."
status: 200
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript; charset=utf-8
alt-svc: clear
content-length: 510
via: 1.1 google
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://d.suntcontent.se/cds/delivery/init
Date: Sat, 09 May 2020 03:40:39 GMT
Via: 1.1 google
Server: Apache
Content-Length: 226
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200 sprite-f6843459d4.svg
80.72.1.78/static/assets/ 13 KB
14 KB 38ms
38ms Other
image/svg+xml 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/static/assets/sprite-f6843459d4.svg
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 2f56260b32550a76c194d4c383cf1f5d2d2b978c5ff1b15b4826902a2aa8d44f

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 13682
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H2 200 /
cloud.custosgroup.com/m/landing/ Frame D7ED 0
0 62ms
17ms Document
text/html 2606:4700:3036::681b:ba02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.custosgroup.com/m/landing/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:ba02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: cloud.custosgroup.com
:scheme: https
:path: /m/landing/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://80.72.1.78/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/

Response headers

status: 200
date: Sat, 09 May 2020 03:40:39 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d517c8a48d7ed641bf11cb2890d4b38ce1588995639; expires=Mon, 08-Jun-20 03:40:39 GMT; path=/; domain=.custosgroup.com; HttpOnly; SameSite=Lax; Secure
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 590866782bb31f35-FRA
content-encoding: br
cf-request-id: 02991e5f1c00001f35e50ff200000001

GET
H/1.1 200 screen-818c7a0834.css
80.72.1.78/css/ 80 KB
80 KB 38ms
38ms Stylesheet
text/css 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/css/screen-818c7a0834.css
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 84427a218767d4753b44a553d27ddd07482999c1f3c837a3aeff140087d44667

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: text/css
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 81892
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200 Graphik-Regular-Web-ef6652b603.woff2
80.72.1.78/fonts/Graphik/ 42 KB
43 KB 40ms
39ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Graphik/Graphik-Regular-Web-ef6652b603.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/js/main-3b583dccc2.js
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 0d2a9b0cccc916b5c2e18e9102910d434581b7c608c98a45d870c265b8cb12d5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:36:53 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 43437
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200 Graphik-Bold-Web-a87d803a4c.woff2
80.72.1.78/fonts/Graphik/ 34 KB
34 KB 76ms
62ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Graphik/Graphik-Bold-Web-a87d803a4c.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/js/main-3b583dccc2.js
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 41265a5696dab0307024b9772dbfd9f67ea69779459b49ca86c35c855380debd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:36:53 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 34709
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200 Graphik-Semibold-Web-8aed368bfd.woff2
80.72.1.78/fonts/Graphik/ 46 KB
47 KB 76ms
62ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Graphik/Graphik-Semibold-Web-8aed368bfd.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/js/main-3b583dccc2.js
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 14625c35fea28e40cc3e1b8f1f718ec50f8322ed913349fbfca2968ed6f64f33

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 47313
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200 Graphik-RegularItalic-Web-1aa2593d20.woff2
80.72.1.78/fonts/Graphik/ 45 KB
45 KB 77ms
63ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Graphik/Graphik-RegularItalic-Web-1aa2593d20.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/js/main-3b583dccc2.js
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: a4ca09edc121a4402282d07860e8124116702d68109d03972326934c7dc038ce

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:36:53 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 46025
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200 ArnhemPro-BlondItalic-3a8a97b884.woff2
80.72.1.78/fonts/Arnhem/ 53 KB
54 KB 85ms
71ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Arnhem/ArnhemPro-BlondItalic-3a8a97b884.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/js/main-3b583dccc2.js
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 7c2e0318994878b36d6678f7d053e2a6edb0402db6c25805774b1b398e38a744

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 54572
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200 ArnhemPro-Normal-55e90cf567.woff2
80.72.1.78/fonts/Arnhem/ 55 KB
56 KB 76ms
38ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Arnhem/ArnhemPro-Normal-55e90cf567.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/js/main-3b583dccc2.js
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 0e421fb7963d2357a10c45e7269b62ae3d1f330e39c7cb9c2b26a46dddfb7ad3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 56560
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 46 KB
15 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062e879de4e77579c4a5246b16a65ef7a8dc7f1fb0f0efa3b3b828998dfab4cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "510 / 890 of 1000 / last-modified: 1588968800"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 15400
X-XSS-Protection: 0
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H2

200

/
metromode.se/
Redirect Chain

https://static.metro.se/3d2/391/horoskop-MEDIUM.png
https://metromode.se/

0
0

263ms
239ms

Image
text/html

2606:4700:20::681a:939
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metromode.se/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:939 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 May 2020 03:40:39 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://metromode.se/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 590866793d11c2bd-FRA
cf-request-id: 02991e5fc50000c2bda08be200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

/
metromode.se/
Redirect Chain

https://static.metro.se/27f/e28/25.H1MJ9G-SMALL.jpg
https://metromode.se/

0
0

258ms
234ms

Image
text/html

2606:4700:20::681a:939
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metromode.se/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:939 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 May 2020 03:40:39 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://metromode.se/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 590866793d15c2bd-FRA
cf-request-id: 02991e5fc50000c2bda08bf200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NK5B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 2660
date: Sat, 09 May 2020 02:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sat, 09 May 2020 04:56:19 GMT

GET
H/1.1 404
Not Found 5889a9c3e45a1de439b36d88.js
pp.lp4.io/app/58/89/a9/ 0
0 50ms
36ms Script
text/html 176.9.67.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pp.lp4.io/app/58/89/a9/5889a9c3e45a1de439b36d88.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5NK5B
Protocol: HTTP/1.1
Server: 176.9.67.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.67.9.176.clients.your-server.de
Software: /
Resource Hash

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK d73f5d2472b34e1fba4c0767fa1f3bda.js Show response
analytics.codigo.se/j/ 11 KB
5 KB 135ms
129ms Script
text/javascript 2606:4700:20::681a:244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://analytics.codigo.se/j/d73f5d2472b34e1fba4c0767fa1f3bda.js
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:244 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbb9577465168ef7cfe30ae52d311a60e8cd37c553203093b2e2d9182ec4a34

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:39 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
X-AspNet-Version: 4.0.30319
Arr-Disable-Session-Affinity: true
Connection: keep-alive
Content-Length: 4311
cf-request-id: 02991e5fb50000d72d63bf6200000001
X-AspNetMvc-Version: 5.2
Last-Modified: Sat, 09 May 2020 02:34:21 GMT
Server: cloudflare
Vary: *, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=432000
Accept-Ranges: bytes
CF-RAY: 590866792d7bd72d-FRA
Expires: Sat, 09 May 2020 07:34:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: wCiaFKlXS3D9gTmp0KpyFv0sxU8+iwLZ0dTi56nHskP1bFP/HYw0pKhG1DBWdmSQNoeQmiMO7JBbyxVWX6qTlw==
x-fb-trip-id: 1425083115
x-frame-options: DENY
date: Sat, 09 May 2020 03:40:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 loader.js Show response
c.suntcontent.se/cdn/asset/js/ 60 KB
19 KB 48ms
21ms Script
application/javascript 2606:4700:20::681a:be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.suntcontent.se/cdn/asset/js/loader.js?v=1212
Requested by: Host: d.suntcontent.se
URL: https://d.suntcontent.se/cds/delivery/init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:be3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bbe22f6adc04f05f28af99eed5877d66d3ec35da70482f2d0a83f0ca6f12b14

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 59086679ac493240-FRA
date: Sat, 09 May 2020 03:40:39 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 70890
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=31536000
content-encoding: br
cf-request-id: 02991e600700003240409e8200000001
expires: Sat, 08 May 2021 07:59:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=80.72.1.78

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=80.72.1.78

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020043001.js Show response
securepubads.g.doubleclick.net/gpt/ 239 KB
86 KB 74ms
32ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 13:07:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87920
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:39 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 67 KB
25 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WR4RBL7&t=gtm1&cid=1504398722.1588995639

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1bd64b906393d8c1c8ab83c5e488072c9a4b8448c387649c3ec3b6fb7133c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25622
x-xss-protection: 0
last-modified: Sat, 09 May 2020 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 May 2020 03:40:39 GMT

GET
H2 200 953791437967125 Show response
connect.facebook.net/signals/config/ 475 KB
120 KB 89ms
89ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/953791437967125?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83b649e9981117be4c14fa305176ff04a00a4e6e56755dc52909cc41e331f69d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fb-trip-id: 1425083115
pragma: public
x-fb-debug: Hk1xsWxonGcU6MaiRiV0Q7pkTu6MPiPcD6ftb+CyQzcH1EsAruBgoJ4XNIYMSJAydooBRFAz9IL7X7PuT2X5Ww==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Sat, 09 May 2020 03:40:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nativendo.css
c.suntcontent.se/cdn/asset/css/ 7 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700:20::681a:be3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.suntcontent.se/cdn/asset/css/nativendo.css?v=1212
Requested by: Host: c.suntcontent.se
URL: https://c.suntcontent.se/cdn/asset/js/loader.js?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:be3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc558f3b36965d26415cd23f669e4c532dfba0e0ef3533e4b4c8eddde84101c5

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 59086679eca03240-FRA
date: Sat, 09 May 2020 03:40:39 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 70890
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
status: 200
cache-control: public, max-age=31536000
content-encoding: br
cf-request-id: 02991e603200003240409e9200000001
expires: Sat, 08 May 2021 07:59:06 GMT

GET
H/1.1 200
OK OiPnl Show response
trafficgateway.research-int.se/PanelInfo/ 44 B
255 B 119ms
17ms Script
text/javascript 40.113.142.219
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficgateway.research-int.se/PanelInfo/OiPnl
Requested by: Host: analytics.codigo.se
URL: http://analytics.codigo.se/j/d73f5d2472b34e1fba4c0767fa1f3bda.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.113.142.219 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca8b17872bcdea25b8b18b6b3821ee422578f1948cfa951a108af2df671226bd

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Arr-Disable-Session-Affinity: True
Request-Context: appId=cid-v1:e5ccf798-7c8e-412b-852f-2f66985e5e4b
Content-Length: 44
Content-Type: text/javascript

GET
H/1.1 200
OK TrafficCollector
trafficgateway.research-int.se/ 43 B
248 B 122ms
21ms Image
image/gif 40.113.142.219
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trafficgateway.research-int.se/TrafficCollector?rnr=4411376&siteId=d73f5d24-72b3-4e1f-ba4c-0767fa1f3bda&clientId=b498973e-46bd-4312-8d1b-9b22b4db22a6&cp=%2F&mst=3&topLoc=http%3A%2F%2F80.72.1.78%2F&wh=1200&ww=1600
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.113.142.219 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:39 GMT
Arr-Disable-Session-Affinity: True
Request-Context: appId=cid-v1:e5ccf798-7c8e-412b-852f-2f66985e5e4b
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
metromode.se/
Redirect Chain

https://static.metro.se/10e/9c5/horoskopet1-SMALL.jpg
https://metromode.se/

0
0

249ms
249ms

Image
text/html

2606:4700:20::681a:939
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metromode.se/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:939 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 May 2020 03:40:39 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://metromode.se/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 59086679fe17c2bd-FRA
cf-request-id: 02991e603d0000c2bda08c3200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200 ArnhemPro-Bold-22c6ee7b51.woff2
80.72.1.78/fonts/Arnhem/ 55 KB
56 KB 44ms
43ms Font
application/font-woff2 80.72.1.78
DCSTO-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://80.72.1.78/fonts/Arnhem/ArnhemPro-Bold-22c6ee7b51.woff2
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 80.72.1.78 Solna, Sweden, ASN42622 (DCSTO-AS, SE),
Reverse DNS: c80-72-1-78.g30.se
Software: Apache /
Resource Hash: 5d847d89cf9327ef61f93964dbbfcfd6039ba6cd2d057d9d0b2c144ad1d500c6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/css/critical-6e93d240cf.css
Origin: http://80.72.1.78

Response headers

Date: Sat, 09 May 2020 03:40:38 GMT
Last-Modified: Wed, 12 Jun 2019 13:37:16 GMT
Server: Apache
Content-Type: application/font-woff2
Cache-Control: max-age=31536000, max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 56536
Expires: Sat, 09 May 2020 03:40:39 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&aip=1&a=1901034155&t=pageview&_s=1&dl=http%3A%2F%2F80.72.1.78%2F&ul=en-us&de=UTF-8&dt=Metro%20-%20Nyheter%20alla%20snackar%20om&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAAAADQ~&jid=730974745&gjid=398362152&cid=1504398722.1588995639&tid=UA-12668636-7&_gid=2099564144.1588995639&_r=1&gtm=2wg4t0M5NK5B&cd12=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&z=911679203

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 27ms
12ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20200509

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f96670b09946c40b503a11a60848fd729dab5ad40962c751bc3e7cb9349fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-request-id: 02991e608c0000e00bbe0a3200000001
x-served-by: cache-fra19149-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"53f-cFien+H5l4Xa252sptlkar3RcIM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 5908667a7eb6e00b-FRA

POST
H/1.1 204
No Content translator Show response
hbopenbid.pubmatic.com/ 0
204 B 33ms
18ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: http://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://80.72.1.78
Date: Sat, 09 May 2020 03:40:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

POST
H/1.1 204
No Content translator Show response
hbopenbid.pubmatic.com/ 0
204 B 59ms
46ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: http://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://80.72.1.78
Date: Sat, 09 May 2020 03:40:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK / Show response
adx.adform.net/adx/ 5 B
678 B 63ms
49ms XHR
application/json 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

http://adx.adform.net/adx/?rp=4&bWlkPTE3NzIxOSZ0aW1lb3V0PTc1MCZ0cmFuc2FjdGlvbklkPTcxZmVhNzM3LThjMjQtNDM3YS05ZjA3LWIxYWRkODk4ZDIwMA%3D%3D&pt=gross&stid=cf657198-180b-40ce-bee5-bcb82a00daa1&fd=1

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

HTTP/1.1

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 May 2020 03:40:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Connection: keep-alive
Content-Length: 5
Pragma: no-cache
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=90
Expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 308 B
1 KB 57ms
43ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12032&site_id=215612&zone_id=1060772&size_id=2&alt_size_ids=31%2C55%2C78%2C214&p_pos=unknown&rf=http%3A%2F%2F80.72.1.78%2F&tk_flint=pbjs_lite_v2.16.0&x_source.tid=71fea737-8c24-437a-9f07-b1add898d200&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.5998873893968275
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: fb954a283ca5b21655337fe15887b4f2ed8d784f343165ec802b002543bfa62d

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:39 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=500
Content-Length: 308
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 307 B
1 KB 56ms
43ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: http://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12032&site_id=215612&zone_id=1060776&size_id=15&alt_size_ids=9%2C10%2C32&p_pos=unknown&rf=http%3A%2F%2F80.72.1.78%2F&tk_flint=pbjs_lite_v2.16.0&x_source.tid=ea04c2aa-3364-499e-a00e-ebe1769533b7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=0&slots=1&rand=0.6454920796300225
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: a5e5d0a84f24b7bf14f3b6a70342e71b8219d6af5cdb9a7f5145b284f340a636

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:39 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=53
Content-Length: 307
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK / Show response
adx.adform.net/adx/ 5 B
678 B 64ms
50ms XHR
application/json 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

http://adx.adform.net/adx/?rp=4&bWlkPTE3ODkxOCZ0aW1lb3V0PTc1MCZ0cmFuc2FjdGlvbklkPWVhMDRjMmFhLTMzNjQtNDk5ZS1hMDBlLWViZTE3Njk1MzNiNw%3D%3D&pt=gross&stid=7fe1e6b9-f4e7-4d46-a95a-c9279253a352&fd=1

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

HTTP/1.1

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 09 May 2020 03:40:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3P: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
Connection: keep-alive
Content-Length: 5
Pragma: no-cache
Access-Control-Allow-Headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, must-revalidate, no-transform
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=90
Expires: -1

POST
H/1.1 204
No Content translator Show response
hbopenbid.pubmatic.com/ 0
204 B 60ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: http://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://80.72.1.78
Date: Sat, 09 May 2020 03:40:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true

GET
H2 200 /
www.facebook.com/tr/ 44 B
245 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953791437967125&ev=PageView&dl=http%3A%2F%2F80.72.1.78%2F&rl=&if=false&ts=1588995639482&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&it=1588995639317&coo=false&rqm=GET

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:39 GMT, Sat, 09 May 2020 03:40:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 09 May 2020 03:40:39 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 95B0 0
0 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156491/428/pwt.js
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://80.72.1.78/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=59039
Expires: Sat, 09 May 2020 20:04:38 GMT
Date: Sat, 09 May 2020 03:40:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 / Show response
d.suntcontent.se/cds/delivery/get/ 35 B
207 B 26ms
26ms Script
text/javascript 35.186.252.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.suntcontent.se/cds/delivery/get/?url=http%3A%2F%2F80.72.1.78%2F&
Requested by: Host: c.suntcontent.se
URL: https://c.suntcontent.se/cdn/asset/js/loader.js?v=1212
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.252.235 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.252.186.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: 13f6c7350d4759eba88c6ee4d787d669f5552822030ee132850e19b204b5d862

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:39 GMT
via: 1.1 google
last-modified: Sat, 09 May 2020 03:40:39 GMT
server: Apache
p3p: CP="This is not a p3p policy."
status: 200
cache-control: no-transform, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript; charset=utf-8
alt-svc: clear
content-length: 35
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

/
metromode.se/
Redirect Chain

https://static.metro.se/6ce/45a/25.HDG094-MEDIUM.jpg
https://metromode.se/

0
0

215ms
214ms

Image
text/html

2606:4700:20::681a:939
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metromode.se/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:939 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 May 2020 03:40:39 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://metromode.se/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5908667aef52c2bd-FRA
cf-request-id: 02991e60d10000c2bda08c9200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

/
metromode.se/
Redirect Chain

https://static.metro.se/ab3/7be/25.H1PW3B-SMALL.jpg
https://metromode.se/

0
0

228ms
228ms

Image
text/html

2606:4700:20::681a:939
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metromode.se/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:939 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 May 2020 03:40:39 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://metromode.se/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5908667aef53c2bd-FRA
cf-request-id: 02991e60d10000c2bda08ca200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7C16 0
0 25ms
22ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156491/428/pwt.js
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://80.72.1.78/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=59039
Expires: Sat, 09 May 2020 20:04:38 GMT
Date: Sat, 09 May 2020 03:40:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 6821 0
0 65ms
21ms Document
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156491/428/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://80.72.1.78/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 23 Apr 2020 20:31:59 GMT
Content-Encoding: gzip
Content-Length: 9126
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=36806
Expires: Sat, 09 May 2020 13:54:05 GMT
Date: Sat, 09 May 2020 03:40:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 283F 0
0 37ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: http://ads.pubmatic.com/AdServer/js/pwt/156491/428/pwt.js
Protocol: HTTP/1.1
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://80.72.1.78/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/

Response headers

Last-Modified: Tue, 14 Apr 2020 10:27:52 GMT
ETag: "13006b6-a4bb-5a33da6f1a023"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 15243
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=94223
Expires: Sun, 10 May 2020 05:51:02 GMT
Date: Sat, 09 May 2020 03:40:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 nr-1167.min.js Show response
js-agent.newrelic.com/ 26 KB
10 KB 84ms
28ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1167.min.js
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:39 GMT
content-encoding: gzip
x-amz-request-id: 3F6B13CD94955BD2
x-cache: HIT
status: 200
content-length: 10178
x-amz-id-2: owq7LTC2ddnOfWY1uKv5BtBpowDIkcMDm/PvX4TjjjLvjnZV9HT8nBCSuZA0UK8UjkDDMb8Gv+k=
x-served-by: cache-fra19135-FRA
last-modified: Fri, 07 Feb 2020 23:39:55 GMT
server: AmazonS3
x-timer: S1588995640.812304,VS0,VE0
etag: "8155781ab74e51eee2ead2c1d5902e63"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2733

GET
H/1.1 200
OK b29654c326 Show response
bam.nr-data.net/1/ 57 B
275 B 444ms
111ms Script
text/javascript 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b29654c326?a=30161373&v=1167.2a4546b&to=YwMHMkBUCERUAhFZDVpJNhZAXAhQdg4LRBBbCgkDQBovWVEEHXMNWhIXCV5ZA0UaBgBEK1oCAB5iVAFS&rst=1117&ref=http://80.72.1.78/&ap=33&be=127&fe=1028&dc=427&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1588995638716,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:13,%22rq%22:13,%22rp%22:77,%22rpe%22:176,%22dl%22:78,%22di%22:427,%22ds%22:427,%22de%22:427,%22dc%22:1027,%22l%22:1027,%22le%22:1028%7D,%22navigation%22:%7B%7D%7D&fp=436&fcp=436&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=953791437967125&ev=Microdata&dl=http%3A%2F%2F80.72.1.78%2F&rl=&if=false&ts=1588995639985&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Metro%20-%20Nyheter%20alla%20snackar%20om%22%2C%22meta%3Adescription%22%3A%22Metro.se%20%E2%80%93%20Nyheter%20som%20ber%C3%B6r%2C%20roar%20och%20engagerar.%20Sveriges%20st%C3%B6rsta%20nyhetstidning%2C%20nu%20med%20%C3%A4nnu%20mer%20lifestyle%2C%20musik%2C%20e-sport%20och%20debatt.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Metro%20%E2%80%93%20Nyheter%20du%20kommer%20att%20snacka%20om%22%2C%22og%3Adescription%22%3A%22L%C3%A4s%20nyheter%20fr%C3%A5n%20Sverige%20och%20hela%20v%C3%A4rlden%20p%C3%A5%20metro.se.%20Logga%20in%20p%C3%A5%20Facebook%20eller%20Google%20f%C3%B6r%20att%20kommentera%20artiklar.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&it=1588995639317&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:39 GMT, Sat, 09 May 2020 03:40:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Sat, 09 May 2020 03:40:39 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
14 KB 118ms
117ms XHR
text/plain 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4383363994141440&correlator=4309226178383728&output=ldjh&impl=fifs&adsid=NT&eid=21066031%2C21065919&vrg=2020043001&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200509&iu_parts=37421840%2Cdfp_m_desk_takeover%2Cdfp_m_desk_panorama_atf%2Cdfp_m_desk_widescreen_atf&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=1x1%2C980x120%7C728x90%7C980x360%7C970x90%7C980x240%2C250x280%7C250x480%7C300x600%7C300x250%7C250x360%7C250x120%7C250x240%7C160x600&prev_scp=pwtsid_pubmatic%3D20120826b51c46d%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D21fe22a8a0ed17b%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0%7Cpwtsid_pubmatic%3D22a68923924ed8a%26pwtbst_pubmatic%3D0%26pwtecp_pubmatic%3D0.00%26pwtsz_pubmatic%3D0x0&cookie_enabled=1&bc=23&abxe=1&lmt=1588995640&dt=1588995640178&dlt=1588995638794&idt=613&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C303%2C1120&adys=0%2C659%2C928&adks=3295870553%2C3323622425%2C304478885&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F80.72.1.78%2F&dssz=30&icsg=543408&mso=2048&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x3084%7C1600x268%7C300x280&msz=1585x0%7C980x120%7C300x280&ga_vid=1504398722.1588995639&ga_sid=1588995640&ga_hid=1901034155&fws=4%2C4%2C4&ohw=1585%2C1585%2C1585

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c4484a61a8bd078d6c3f990a2cf19040f43956ed265c71ffc04fb103f5c39840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13487
x-xss-protection: 0
google-lineitem-id: 4847339730,4578639000,4578639000
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138248864498,138226045716,138226045743
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://80.72.1.78
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 372A 0
0 32ms
31ms Fetch
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstacVqc-PJrdEqc8sE-j0eDr80zxige5f6ERu8wO1GvjdPYqnV4qk5REwZ01RehPh11diwGq2zF6eHs1poKwN-zGlCMqnz7_PEDP2sG9Jx9fayoGiHNoGck-0kIzCBfSPvgS2inRpobPz3j6m5znKf0mLE_ZWuTq0NxMtYokGXqNSbFWQSvN8lD-5125vgY1Z6r1PYPnyIhKxeFZIb-Sq-kTq-hlk1m17s_r2bEbP3r9tXkzfWbERZBhkQXExY08kipx9lrwQkQ&sai=AMfl-YTTc6ioAInGMOg0Og_WXjthjUHi7YEwScD5Fh7tZo_E7RtvMZMZG41N18sX-CSYlVMwbfHXNS0QfMQzwafGtAkYtMHRwPe4B5GS8IU0Vw&sig=Cg0ArKJSzMsfApvf6x7mEAE&urlfix=1&adurl=

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 May 2020 03:40:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 DAC.js Show response
aka-cdn.adtech.de/dt/common/ Frame 372A 46 KB
16 KB 232ms
6ms Script
application/javascript 2606:2800:233:d84b:39e5:dbd4:25cd:99d9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtech.de/dt/common/DAC.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:d84b:39e5:dbd4:25cd:99d9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFD) /
Resource Hash: b3f611aa7518a9da205ca9575fb39872e85c04ebaa02eaf49ca4cbe1b65cae18

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
last-modified: Sat, 09 May 2020 03:08:18 GMT
server: ECAcc (frc/8FFD)
age: 1942
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 15742
expires: Sat, 09 May 2020 04:40:39 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 372A 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab9cbc82797d05b18d1a15697b8dc8e70cba544d3134a07e50c641166da1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588975424504927"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28371
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588975424504927"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27855
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame BA46 0
0 31ms
31ms Fetch
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8KLAcPPvCmhK-Sz5216Z53ove35aG_R31_snE2HlbJmpnF9sKJvAaURSftd5FGTqtqhlqcU4ZH43RkbX29_Izp5qxfHx1oe_AKZsf3k9ZAiChwOskUp_MniOP5KrXUYr5_7D7NexyG2IbspdQiqgO4TJqZM9vC3Mt1C9eHus8VuyEgkVcbfnaM4dHeFXBPtH0Kg0AaPjO5tJxYQXFZLKAMRYGfSSKoGjzS84ZWFG-EicBbdDQ7jOSuXd9fiiyzufnGTKl2376nwjHdw&sai=AMfl-YSKQ6GGMeZux45atTZT4rlxX80rLCkelj-pjPJQAEnpmIsp6hN5TdA3qWVZe8u_Z-2r1vE8bRg07B6pQBTHI4c11RfRZ7Ksw-48uxzvSQ&sig=Cg0ArKJSzCFvuOV8s1SCEAE&adurl=

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 May 2020 03:40:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/ Frame BA46 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d738cdd912e67257daf7f109c4436b2dbfd354cfb5332d5834718e9f99ef871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7164
x-xss-protection: 0
server: cafe
etag: 10051528402853977427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 19:54:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame BA46 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 21:18:21 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA46 74 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab9cbc82797d05b18d1a15697b8dc8e70cba544d3134a07e50c641166da1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588975424504927"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28371
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 5301838747891094553
tpc.googlesyndication.com/simgad/ Frame BA46 332 KB
332 KB 9ms
8ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5301838747891094553

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405d8af2c63b8ff656c7b92202b85ab142418bf25fb7b24824ee6a6b390846b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Apr 2020 06:45:55 GMT
x-content-type-options: nosniff
age: 1457685
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339867
x-xss-protection: 0
last-modified: Fri, 23 Feb 2018 12:20:01 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Apr 2021 06:45:55 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25AB 0
0 35ms
30ms Fetch
image/gif 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwKbEk40q1VlGd0Z6gMf0WrEvMLAfd3fZALr7a-LpOXbEilfcptl9RWHhouHEKOO_q8q8VMuOX9t6LEAQkIaM8KgkSOgH5VFGnFiX9Q4TQ6a-3LkU_i8K574kVHmMfSmpeYbLTGkzqKw6R9z-mcEUfPx4t-Gkj9dJ1wtwe7yKnwROmAlGx1qKLZXj2B6uhL_qou4vXpV1gjzl-R523Z9Q9l1GWLFzmnrlc4MZ45ccWyqDDy8mw-4-K4owvb90bkpBz5sh3gYWjparvQjNF&sai=AMfl-YS_rpPJ1V_nj5XGiWf4l9eYcjCFsqoyBfwPk0XJ-MB1y9wzNMrtLkYl-YkrXldKxnD0Bcu6sIBdufBHcmaGDxJgRmjUZGQa4cd0ObjZKQ&sig=Cg0ArKJSzDlzzdRgTi75EAE&adurl=

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 May 2020 03:40:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/ Frame 25AB 18 KB
7 KB 21ms
18ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d738cdd912e67257daf7f109c4436b2dbfd354cfb5332d5834718e9f99ef871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 19:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7164
x-xss-protection: 0
server: cafe
etag: 10051528402853977427
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 19:54:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/ Frame 25AB 2 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200506/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 21:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1235
x-xss-protection: 0
server: cafe
etag: 1097331598879969194
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 May 2020 21:18:21 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25AB 74 KB
28 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab9cbc82797d05b18d1a15697b8dc8e70cba544d3134a07e50c641166da1a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1588975424504927"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28371
x-xss-protection: 0
expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 9308753500932196672
tpc.googlesyndication.com/simgad/ Frame 25AB 118 KB
118 KB 21ms
19ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9308753500932196672

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bdb1d3d94e0c73dff135d3a26f0d874d027f8cb171f0887252fd85b497ddfe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 08 May 2020 17:37:17 GMT
x-content-type-options: nosniff
age: 36203
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120546
x-xss-protection: 0
last-modified: Fri, 23 Feb 2018 12:20:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 May 2021 17:37:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
16ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020043001&st=env

Requested by

Host: 80.72.1.78
URL: http://80.72.1.78/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc03e9d35d434cde702d1f402d6cf5eb5f1013ff089290fb206e3f4513bdca50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5508
x-xss-protection: 0

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020043001.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 09 May 2020 03:40:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1582746470043195"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5456
X-XSS-Protection: 0
Expires: Sat, 09 May 2020 03:40:40 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame BBE7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://80.72.1.78/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://80.72.1.78/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 08 May 2020 23:31:58 GMT
expires: Sat, 08 May 2021 23:31:58 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14922
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BA46 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4609e8ac1ea6bd463989feb7efdd296cec29ce91c176f52d16ffdce396fa48ce

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25AB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba35ceee54c719766c324f6164bba3f623a9adfd8a7a019a03ca908b9fb4e0c5

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 14ms
13ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020043001&jk=4383363994141440&bg=!QkGlQVlYFX92ovZixb8CAAAAQFIAAAANmQFxLdGd8CrGIT8vBr-Cpyg6CDLW5Mt6ds-pZyX6dU69p8cZe1t7UXXcS9QcdqGf3ouYmVE9L9Qf_oYWLLmXQuoUCGckpAoVLFOKpofxc2P0IzLkUy2UuPru8ZuRU9KXsyeP3zBqjVKl7dVQ_FiuZvMUV_uK_-6xXEpGlMRSNBbBX8WpNedh6yfRsRQFfzwVXDYRa1tbfPLJulFXIWGEjSW0C2YWhQOm73Ns4S_t_iHV1dDS3gqVdBZ7dE-Cv7Lcq4hl84mBYBz93meTjYkLK0BhIhw5Jf72IzdBExo5N5PP3Yxb5YwRrLVZqqYR2uyGuJocr8ssUrt_djWZ86WFw3ce3t-qQVC3zDj_naxcnVtRvLESC_dmiAcmbf7LbMv9TBfWzNcGx52-35mlLbAfImyF_8hUcvBlFNtOyMlvl05ztFIyAsU0z-kyR7zgEqz9MMP2g-mPEeSx0JFThXAspkPubLLsF9-hTDfMo9nRX4Liweos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 postscribe.js Show response
aka-cdn.adtech.de/dt/common/ Frame 372A 19 KB
6 KB 6ms
6ms Script
application/javascript 2606:2800:233:d84b:39e5:dbd4:25cd:99d9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn.adtech.de/dt/common/postscribe.js
Requested by: Host: aka-cdn.adtech.de
URL: https://aka-cdn.adtech.de/dt/common/DAC.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:d84b:39e5:dbd4:25cd:99d9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F96) /
Resource Hash: 44244f0fa0e9f86b1b25c5cef0e58326295b44bf86c505b4e54f09ec0a89c9dd

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
content-encoding: gzip
last-modified: Sat, 09 May 2020 02:48:29 GMT
server: ECAcc (frc/8F96)
age: 3131
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
content-length: 6488
expires: Sat, 09 May 2020 04:40:40 GMT

GET
DATA 200
OK truncated
/ Frame 372A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e126552cb9e00d1ea42c02b6327d34a926a12e5e66ac934ae5d6422a07d1880

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

ADTECH;apid=1Adaae6d44-91a6-11ea-bd34-02c0f9e2ad96;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvsc... Show response
adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ Frame 372A
Redirect Chain

https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensi...
https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwi...
https://adserver-eu.adtech.advertising.com/addyn/3.0/1568.1/6622024/0/-1/ADTECH;rdhost=adserver.adtech.de;cfp=1;rndc=1588995639;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;scre...
https://adserver-eu.adtech.advertising.com/addyn/3.0/1568.1/6622024/0/-1/ADTECH;rdhost=adserver.adtech.de;cfp=2;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;scre...
https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;apid=1Adaae6d44-91a6-11ea-bd34-02c0f9e2ad96;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;sc...

346 B
598 B

60ms
60ms

Script
application/x-javascript

152.199.22.2
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;apid=1Adaae6d44-91a6-11ea-bd34-02c0f9e2ad96;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 9c29af868f13a5afcb5f1f8cfd4c9b31c1ae9b7b3c9eb33e026df98c38f5794a

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:40 GMT
server: Adtech Adserver
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 200
cache-control: no-store, no-cache
content-type: application/x-javascript
content-length: 346
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:40 GMT
server: nginx
status: 302
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
location: https://adserver.adtech.de/addyn/3.0/1568.1/6622024/0/-1/ADTECH;apid=1Adaae6d44-91a6-11ea-bd34-02c0f9e2ad96;cfp=1;rndc=1588995640;loc=100;target=_blank;grp=913;screenheight=1200;screenwidth=1600;screendensity=1;kvscreenheight=1200;kvscreenwidth=1600;kvscreendensity=1;kvviewportwidth=1;kvviewportheight=1;misc=1588995640568
cache-control: no-store, no-cache
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

/
metromode.se/
Redirect Chain

https://static.metro.se/a3e/bf6/25.H2YH79-1-MEDIUM.jpg
https://metromode.se/

0
0

219ms
219ms

Image
text/html

2606:4700:20::681a:939
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metromode.se/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:939 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 May 2020 03:40:40 GMT
server: cloudflare
status: 302
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://metromode.se/
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 59086682a9b2c2bd-FRA
cf-request-id: 02991e65a90000c2bda08fa200000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Default_Size_16_1x1.gif
aka-cdn.adtech.de/images/ Frame 372A 43 B
162 B 9ms
8ms Image
image/gif 2606:2800:233:d84b:39e5:dbd4:25cd:99d9
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aka-cdn.adtech.de/images/Default_Size_16_1x1.gif
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:d84b:39e5:dbd4:25cd:99d9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1A) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 09 May 2020 03:40:40 GMT
last-modified: Wed, 06 May 2020 20:31:06 GMT
server: ECAcc (frc/8F1A)
age: 198574
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=608400
accept-ranges: bytes
content-length: 43
expires: Sat, 16 May 2020 04:40:39 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame BA46 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmfUIuJ5bORaZQoupLpYrwW6ALOd8FoPtfNDgc_xNn1rj36DG6Qc4YFYcq7iJLkS-bm3GN730V7cnJC2CQ5mDrQ3of3EaEoPdkRTRUuBk&sig=Cg0ArKJSzIT9_0NvHtIMEAE&adk=3323622425&tt=-1&bs=1585%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=659,303,899,1283&mcvt=1016&rs=0&ht=0&tfs=110&tls=1118&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588995640334&dlt&rpt=84&isd=0&msd=0&ext&xdi=0&ps=1593%2C3085&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1114&is=980%2C240&iframe_loc=http%3A%2F%2F80.72.1.78%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=980x240&itpl=3&v=20200508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 25AB 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxE5GFmY4A7XTT5napwWXkZuYyjMu-vFoJc_gmi88OnuJg14a2wohjJGIjfW7_WpG_auHTWZCQ_L4ESHN5_0ANvKcDb3oViCwmJYwIk6E&sig=Cg0ArKJSzCdXFwsZfnjdEAE&adk=304478885&tt=-1&bs=1585%2C1200&mtos=0,0,1017,1017,1017&tos=0,0,1017,0,0&p=944,1145,1304,1395&mcvt=1017&rs=0&ht=0&tfs=103&tls=1111&mc=0.71&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588995640340&dlt&rpt=96&isd=0&msd=0&ext&xdi=0&ps=1593%2C3085&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1111&is=250%2C360&iframe_loc=http%3A%2F%2F80.72.1.78%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=250x360&itpl=3&v=20200508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 372A 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-Ju1Zdui3lBMd30LCWb-KH6cTh0zC42nRWur9ycTjSbzz8m2Zuk6ucmcOkbZm_PojZ2_X04cQZMIr8sslQbySCAAW4nVT6kZ6-2URONE&sig=Cg0ArKJSzLK7YkFalZKiEAE&adk=3295870553&tt=-1&bs=1585%2C1200&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&p=0,792,1,793&mcvt=1016&rs=0&ht=0&tfs=103&tls=1112&mc=1&lte=0&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1588995640324&dlt&rpt=249&isd=0&msd=0&ext&xdi=0&ps=1593%2C3085&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1112&is=1%2C1&iframe_loc=http%3A%2F%2F80.72.1.78%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 May 2020 03:40:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK wl Show response
t.pubmatic.com/ 17 B
328 B 105ms
16ms XHR
text/plain 185.64.189.244
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: http://t.pubmatic.com/wl?pubid=156491
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:42 GMT
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17
Expires: 0

POST
H/1.1 200
OK wl Show response
t.pubmatic.com/ 17 B
328 B 104ms
16ms XHR
text/plain 185.64.189.244
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: http://t.pubmatic.com/wl?pubid=156491
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:42 GMT
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17
Expires: 0

POST
H/1.1 200
OK wl Show response
t.pubmatic.com/ 17 B
328 B 104ms
16ms XHR
text/plain 185.64.189.244
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: http://t.pubmatic.com/wl?pubid=156491
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Server: 185.64.189.244 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 09 May 2020 03:40:42 GMT
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://80.72.1.78
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 17
Expires: 0

POST
H/1.1 200
OK b29654c326 Show response
bam.nr-data.net/events/1/ 24 B
176 B 112ms
111ms XHR
image/gif 162.247.242.19
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/b29654c326?a=30161373&v=1167.2a4546b&to=YwMHMkBUCERUAhFZDVpJNhZAXAhQdg4LRBBbCgkDQBovWVEEHXMNWhIXCV5ZA0UaBgBEK1oCAB5iVAFS&rst=11117&ref=http://80.72.1.78/
Requested by: Host: 80.72.1.78
URL: http://80.72.1.78/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: http://80.72.1.78/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: http://80.72.1.78
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adserver-eu.adtech.advertising.com
adserver.adtech.de
adservice.google.com
adservice.google.de
adx.adform.net
aka-cdn.adtech.de
analytics.codigo.se
bam.nr-data.net
c.cintnetworks.com
c.suntcontent.se
cdn.jsdelivr.net
cloud.custosgroup.com
connect.facebook.net
d.suntcontent.se
eus.rubiconproject.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
inviso.rampanel.com
js-agent.newrelic.com
metromode.se
pagead2.googlesyndication.com
pp.lp4.io
securepubads.g.doubleclick.net
static.metro.se
t.pubmatic.com
tpc.googlesyndication.com
trafficgateway.research-int.se
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
104.111.230.142
151.101.14.110
152.199.22.2
162.247.242.19
176.9.67.12
185.64.189.112
185.64.189.244
2.18.233.180
216.58.210.2
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:2800:233:d84b:39e5:dbd4:25cd:99d9
2606:4700:20::681a:244
2606:4700:20::681a:939
2606:4700:20::681a:be3
2606:4700:3033::681b:991a
2606:4700:3036::681b:ba02
2606:4700::6810:5814
2a00:1450:4001:814::2001
2a00:1450:4001:816::2002
2a00:1450:4001:818::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:4001:824::2002
2a00:1450:4001:824::2008
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.252.235
37.157.3.28
40.113.142.219
51.140.146.131
69.173.144.143
80.72.1.76
80.72.1.78
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
062e879de4e77579c4a5246b16a65ef7a8dc7f1fb0f0efa3b3b828998dfab4cd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d2a9b0cccc916b5c2e18e9102910d434581b7c608c98a45d870c265b8cb12d5
0e421fb7963d2357a10c45e7269b62ae3d1f330e39c7cb9c2b26a46dddfb7ad3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f6c7350d4759eba88c6ee4d787d669f5552822030ee132850e19b204b5d862
14625c35fea28e40cc3e1b8f1f718ec50f8322ed913349fbfca2968ed6f64f33
1cbb9577465168ef7cfe30ae52d311a60e8cd37c553203093b2e2d9182ec4a34
1e823ea8b1b1041bcc7bcbbf943f65385027feb817d33e9360bb4d1249440542
2531e515d47b88300e3c5e3a91d5d22a292bdfdb6cec2e6399090bd9545ba92c
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
2f56260b32550a76c194d4c383cf1f5d2d2b978c5ff1b15b4826902a2aa8d44f
32ab9cbc82797d05b18d1a15697b8dc8e70cba544d3134a07e50c641166da1a6
398123c7880f2bc3d84b5557866e5dc156b4b6bd4033cb5d9180730d668dd439
405d8af2c63b8ff656c7b92202b85ab142418bf25fb7b24824ee6a6b390846b9
41265a5696dab0307024b9772dbfd9f67ea69779459b49ca86c35c855380debd
44244f0fa0e9f86b1b25c5cef0e58326295b44bf86c505b4e54f09ec0a89c9dd
4609e8ac1ea6bd463989feb7efdd296cec29ce91c176f52d16ffdce396fa48ce
483d17474e0f62bb02628e8ac99eacf919e0b810918274e6ec2faa4d58ff9ca7
48f96670b09946c40b503a11a60848fd729dab5ad40962c751bc3e7cb9349fad
4bdb1d3d94e0c73dff135d3a26f0d874d027f8cb171f0887252fd85b497ddfe7
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5d847d89cf9327ef61f93964dbbfcfd6039ba6cd2d057d9d0b2c144ad1d500c6
6bbe22f6adc04f05f28af99eed5877d66d3ec35da70482f2d0a83f0ca6f12b14
7c2e0318994878b36d6678f7d053e2a6edb0402db6c25805774b1b398e38a744
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b649e9981117be4c14fa305176ff04a00a4e6e56755dc52909cc41e331f69d
84427a218767d4753b44a553d27ddd07482999c1f3c837a3aeff140087d44667
93e0e37bb0ca3d966cb1b7e5c982b893cf32f3240d7b351fecb707f49952b526
9bb5347fd356ae8863aeb2695b9f2125a42b90449cd729e3527456dd1f20897b
9c29af868f13a5afcb5f1f8cfd4c9b31c1ae9b7b3c9eb33e026df98c38f5794a
9d738cdd912e67257daf7f109c4436b2dbfd354cfb5332d5834718e9f99ef871
9e126552cb9e00d1ea42c02b6327d34a926a12e5e66ac934ae5d6422a07d1880
a0a1ca7c132a8ed0e135f9ac05ccebb6dba33a1e6d3134f89caf98fb071f22d7
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4ca09edc121a4402282d07860e8124116702d68109d03972326934c7dc038ce
a5e5d0a84f24b7bf14f3b6a70342e71b8219d6af5cdb9a7f5145b284f340a636
afffaeac29d2c8aa26bbc636071c198b22c7b093cbf019877ab27e9a5f47bcec
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bd64b906393d8c1c8ab83c5e488072c9a4b8448c387649c3ec3b6fb7133c51
b3f611aa7518a9da205ca9575fb39872e85c04ebaa02eaf49ca4cbe1b65cae18
b4c97f26141f17253a09becbe3ff5c25f292c220e5b155b8e4b69513fa71cb2d
ba35ceee54c719766c324f6164bba3f623a9adfd8a7a019a03ca908b9fb4e0c5
c4484a61a8bd078d6c3f990a2cf19040f43956ed265c71ffc04fb103f5c39840
ca8b17872bcdea25b8b18b6b3821ee422578f1948cfa951a108af2df671226bd
cc558f3b36965d26415cd23f669e4c532dfba0e0ef3533e4b4c8eddde84101c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fb954a283ca5b21655337fe15887b4f2ed8d784f343165ec802b002543bfa62d
fc03e9d35d434cde702d1f402d6cf5eb5f1013ff089290fb206e3f4513bdca50

80.72.1.78 Open in urlscan Pro 80.72.1.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

85 Requests

65 %HTTPS

53 %IPv6

26 Domains

32 Subdomains

32 IPs

8 Countries

1887 kBTransfer

3183 kBSize

0 Cookies

14 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

80.72.1.78 Open in urlscan Pro
80.72.1.78 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

65 %
HTTPS

53 %
IPv6

26
Domains

32
Subdomains

32
IPs

8
Countries

1887 kB
Transfer

3183 kB
Size

0
Cookies

85 HTTP transactions
3 data transactions