www.publimetro.co Open in urlscan Pro
2a02:26f0:2780:6::214:f586 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-versi...
Submission Tags: falconsandbox
Submission: On November 17 via api (November 17th 2024, 4:55:11 am UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 24 domains to perform 74 HTTP transactions. The main IP is 2a02:26f0:2780:6::214:f586, located in Netherlands and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is www.publimetro.co. The Cisco Umbrella rank of the primary domain is 577813.
TLS certificate: Issued by R11 on September 24th 2024. Valid for: 3 months.

This is the only time www.publimetro.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a02:26f0:278... 2a02:26f0:2780:6::214:f586	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1	13.32.27.111 13.32.27.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:2c:... 2a02:26f0:2c:2b0::11a6	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	172.67.159.162 172.67.159.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
7	95.101.149.35 95.101.149.35	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2606:4700::68... 2606:4700::6811:207c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:186f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:2c:... 2a02:26f0:2c:28c::11a6	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:8c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	57.129.37.210 57.129.37.210	16276 (OVH OVH SAS) (OVH OVH SAS)
8	23.212.89.35 23.212.89.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.25.111 104.18.25.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	216.200.232.249 216.200.232.249	30419 (PAEDAE-INC) (PAEDAE-INC)
1 2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1 2	2.16.238.8 2.16.238.8	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1 1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
74	30

16 2a02:26f0:2780:6::214:f586 (Netherlands)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

www.publimetro.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.metroworldnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-111.fra56.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2c:2b0::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179916.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:207c (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

selectivesummer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2c:28c::11a6 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 57.129.37.210 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3219527.ip-57-129-37.eu

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)

selectivesummer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (PAEDAE-INC, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.238.8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-238-8.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	teads.tv a.teads.tv — Cisco Umbrella Rank: 1737 at.teads.tv — Cisco Umbrella Rank: 7513 t.teads.tv — Cisco Umbrella Rank: 3448	124 KB
15	publimetro.co www.publimetro.co — Cisco Umbrella Rank: 577813	613 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 50998 usr.navdmp.com — Cisco Umbrella Rank: 56447 cdn.navdmp.com — Cisco Umbrella Rank: 33234 sync.navdmp.com — Cisco Umbrella Rank: 23898	7 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695	179 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 3045 kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 3046 fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net	1 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	186 KB
4	gstatic.com fonts.gstatic.com	165 KB
3	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7097	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 186	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	183 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194 ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	508 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 717	758 B
2	selectivesummer.com selectivesummer.com	25 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1652 c.go-mpulse.net — Cisco Umbrella Rank: 782	51 KB
1	akstat.io 02179916.akstat.io — Cisco Umbrella Rank: 91924	230 B
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 45	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	6 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 3693	857 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 639	480 B
1	google.de www.google.de — Cisco Umbrella Rank: 10745	63 B
1	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9039	45 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 6874	1 KB
1	metroworldnews.com www.metroworldnews.com — Cisco Umbrella Rank: 451678	3 KB
0	readmetro.com Failed api.readmetro.com Failed
74	24

	Domain	Requested by
15	www.publimetro.co	www.publimetro.co
8	t.teads.tv	www.publimetro.co
7	a.teads.tv	www.googletagmanager.com a.teads.tv
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	fonts.gstatic.com	www.publimetro.co
3	events.newsroom.bi	sdk.mrf.io
3	sb.scorecardresearch.com	1 redirects www.publimetro.co
3	www.googletagmanager.com	www.publimetro.co www.googletagmanager.com
2	sync.navdmp.com	www.publimetro.co
2	pixel-sync.sitescout.com	2 redirects
2	selectivesummer.com	www.publimetro.co selectivesummer.com
2	tag.navdmp.com	www.publimetro.co tag.navdmp.com
2	securepubads.g.doubleclick.net	www.publimetro.co securepubads.g.doubleclick.net
1	fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	02179916.akstat.io	s.go-mpulse.net
1	lh3.googleusercontent.com	www.publimetro.co
1	fonts.googleapis.com
1	ups.analytics.yahoo.com	www.publimetro.co
1	cms.analytics.yahoo.com	1 redirects
1	pixel.mathtag.com	1 redirects
1	cm.g.doubleclick.net	tag.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	usr.navdmp.com	tag.navdmp.com
1	at.teads.tv	a.teads.tv
1	static.adsafeprotected.com	www.publimetro.co
1	www.google.de	www.publimetro.co
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	c.go-mpulse.net	s.go-mpulse.net
1	sdk.mrf.io	www.publimetro.co
1	s.go-mpulse.net	www.publimetro.co
1	cdn-images.mailchimp.com	www.publimetro.co
1	www.metroworldnews.com	www.publimetro.co
0	api.readmetro.com Failed	www.publimetro.co
74	37

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com

Subject Issuer	Validity	Valid
metroworldnews.web.arc-cdn.net R11	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdn-images.mailchimp.com Amazon RSA 2048 M02	`2024-06-24` - `2025-07-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
sdk.mrf.io WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
teads.tv R11	`2024-11-05` - `2025-02-03`	3 months	crt.sh
navdmp.com WE1	`2024-09-27` - `2024-12-26`	3 months	crt.sh
selectivesummer.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ssl03.cert.cl15.k8s.mrf.io E6	`2024-10-18` - `2025-01-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Frame ID: CAC1B23156B2EB92D46D7D0B17FDE2DD
Requests: 74 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Nequi Glitch apk coge popularidad y genera grandes riesgos para los usuarios que la usan – Publimetro Colombia

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Page Statistics

74
Requests

91 %
HTTPS

47 %
IPv6

24
Domains

37
Subdomains

30
IPs

7
Countries

1600 kB
Transfer

6477 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?text=Nequi%20Glitch%3A%20Est%C3%A1n%20estafando%20a%20usuarios%20que%20descargan%20supuesta%20nueva%20versi%C3%B3n%20de%20Nequi%20-%20https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sb.scorecardresearch.com/cs/8623982/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 58

https://pixel-sync.sitescout.com/connectors/navegg/usersync?redir=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D35%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/connectors/navegg/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D35%26uid%3D%7BuserId%7D HTTP 302
https://sync.navdmp.com/sync?prtid=35&uid=ab58c551-4f1f-40ae-a9ca-6155318e852d-67397729-5553

Request Chain 59

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=6b346739-772a-4900-a914-44c45da3c4e5

Request Chain 60

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Request Chain 70

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pe2hwro0a HTTP 302
https://kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 71

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pe2hwro0a HTTP 302
https://fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net/eum/results.txt

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/ 103 KB
24 KB 972ms
332ms Document
text/html 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: a7efd0a6a8d4b1937d7dbf763089be3109e16ef5d609edeeb75cf22f7f7f4be2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=60
content-encoding: gzip
content-length: 23675
content-type: text/html; charset=utf-8
date: Sun, 17 Nov 2024 04:55:04 GMT
etag: W/"18b6e-l5HHKh1q8XpBEpfthMXFgDzhoxo"
expires: Sun, 17 Nov 2024 04:56:04 GMT
last-modified: Sun, 17 Nov 2024 04:53:56 GMT
server: openresty
server-timing: cdn-cache; desc=HIT edge; dur=277 origin; dur=0 ak_p; desc="1731819304140_34846347_129270636_27734_15629_37_104_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 21655 0 pmb=mRUM,2
x-arc-pb-mx-id: 00000000
x-arc-pb-request-id: 6ec74cbc-4c93-43a5-90c2-cb5bd079a8b3 f1daaed7-c1b4-4ac9-a869-4ac837b846fb
x-arc-request-id: 0.8bb61302.1731819304.7b4836c
x-arc-ttl: -1

GET
H3 200 MCoMzAn438bIEyxFf6swMnNpvPcUwW4u4w5QJu5jEKMu.woff2
fonts.gstatic.com/s/georama/v4/ 38 KB
38 KB 86ms
39ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/georama/v4/MCoMzAn438bIEyxFf6swMnNpvPcUwW4u4w5QJu5jEKMu.woff2

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

ff76becf7041ec65613ecadbf496b567c500589b20bd0cba000a3e465ccbc0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.publimetro.co
Referer: https://www.publimetro.co/

Response headers

age: 307940
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:22:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:22:44 GMT
last-modified: Wed, 08 Dec 2021 22:18:28 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38508
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v28/ 39 KB
39 KB 90ms
43ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.publimetro.co
Referer: https://www.publimetro.co/

Response headers

age: 308113
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:19:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:19:51 GMT
last-modified: Tue, 01 Mar 2022 22:07:04 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39556
x-xss-protection: 0
server: sffe

GET
H2 200 publimetro_dark-bg.svg
www.publimetro.co/pf/resources/img/logos/ 9 KB
5 KB 51ms
50ms Image
image/svg+xml 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/pf/resources/img/logos/publimetro_dark-bg.svg?d=604
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: bc3429264ce2c925e607cfb1b6aca8d8743bcd12f031ee66a641cffeed53ec7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"ccf59101e996c78b59c1642a8a398021"
expires: Mon, 17 Nov 2025 04:55:04 GMT
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819304733_34846347_129271180_40_11152_38_0_146";dur=1
content-length: 4236
date: Sun, 17 Nov 2024 04:55:04 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b4858c
content-type: image/svg+xml
last-modified: Mon, 04 Nov 2024 14:05:41 GMT
server: openresty
x-amz-server-side-encryption: AES256

GET
H2 200 default.css
www.publimetro.co/pf/dist/components/combinations/ 46 KB
7 KB 131ms
131ms Stylesheet
text/css 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/dist/components/combinations/default.css?d=604
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 19fd44588db28dba8d984e1f30b4773bd7eba9f2df9e468cc7c020d55e32552c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"c7c696be805078a999f30546902d7d37"
expires: Mon, 17 Nov 2025 04:55:04 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819304632_34846347_129271086_779_10544_37_0_255";dur=1
content-length: 7020
date: Sun, 17 Nov 2024 04:55:04 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b4852e
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: openresty
last-modified: Mon, 04 Nov 2024 14:05:41 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 mwn.css
www.publimetro.co/pf/dist/css/ 181 KB
23 KB 133ms
133ms Stylesheet
text/css 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/dist/css/mwn.css?d=604
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 1ca5ba518cf0e75a3db0b77e8520ff3573ddd4eeb30370ce26aa3422fc23d554

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"cbaf244d259c2fb6b790dec479593aa9"
x-edgeconnect-cache-status: 1
expires: Mon, 17 Nov 2025 04:55:04 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819304632_34846347_129271087_785_10391_37_0_255";dur=1
content-length: 22759
date: Sun, 17 Nov 2024 04:55:04 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b4852f
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: openresty
last-modified: Mon, 04 Nov 2024 14:05:41 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 react.js Show response
www.publimetro.co/pf/dist/engine/ 378 KB
111 KB 75ms
74ms Script
application/javascript 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/dist/engine/react.js?d=604
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 5a3b7e99cfccc16836b858238fd8fc58a9aa23d3faf58d4ff1f750215fd9813b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"f4d901a4a1d3b61b1eeca79ef6e81b4b"
x-edgeconnect-cache-status: 1
expires: Mon, 17 Nov 2025 04:55:04 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819304760_34846347_129271212_801_11688_38_0_146";dur=1
content-length: 113575
date: Sun, 17 Nov 2024 04:55:04 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b485ac
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty
last-modified: Mon, 04 Nov 2024 14:05:41 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 default.js Show response
www.publimetro.co/pf/dist/components/combinations/ 2 MB
256 KB 122ms
121ms Script
application/javascript 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/dist/components/combinations/default.js?d=604
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 410689fc7f64494db9f42cc9aa913631d79c4aa5d61b7df6da8866b080977b5e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
x-arc-ttl: 31536000
etag: W/"3ce5b6aae324697fa3a0299627c4924e"
expires: Mon, 17 Nov 2025 04:55:04 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819304760_34846347_129271213_795_11698_38_0_146";dur=1
content-length: 261741
date: Sun, 17 Nov 2024 04:55:04 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b485ad
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty
last-modified: Mon, 04 Nov 2024 14:05:41 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 3FJV7LPXT5H7RFR3PMOUEJYGIU.png
www.metroworldnews.com/resizer/v2/ 2 KB
3 KB 161ms
132ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.metroworldnews.com/resizer/v2/3FJV7LPXT5H7RFR3PMOUEJYGIU.png?smart=true&auth=de7e78f1e4b4e1443be4d433d6ce32381d46153a60b319210908d9df1ca3a69b&width=90&height=90

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3640d4e494a8b89fc8fbcfb3203b60a5ba9cfe67fbbe1e0a747a5b5349aa0701

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
cache-control: private, no-transform, max-age=31048734
x-arc-ttl: 31536000
etag: "84124c6d8b439364549d624aeae566e9"
x-edgeconnect-cache-status: 1
expires: Tue, 11 Nov 2025 13:33:58 GMT
akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
server-timing: cdn-cache; desc=HIT, edge; dur=12, ak_p; desc="1731819304777_34846347_129271227_1278_38839_37_0_219";dur=1
content-length: 1748
date: Sun, 17 Nov 2024 04:55:04 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b485bb
last-modified: Sun, 21 Apr 2024 15:31:41 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 126ms
38ms Stylesheet
text/css 13.32.27.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/slim-10_7.css
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

x-amz-cf-pop: FRA56-C2
content-encoding: gzip
x-amz-version-id: null
etag: W/"d67b6072a15510e2010ad947aa1213c3"
age: 10914
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: o7tPM1kdtL22O8WXJZu1VLJBwb2wABkyIdn6EMGI2yWp9DJ-O23zIA==
date: Sun, 17 Nov 2024 01:53:11 GMT
content-type: text/css
vary: accept-encoding
server: AmazonS3
last-modified: Tue, 15 Dec 2015 20:19:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
77 KB 162ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4HVNVCB

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18489d9a92bd48aafd9ca375c6eb0ac16946b0cb5bd4da2f3e026642cd473de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 17 Nov 2024 04:55:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 17 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77674
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 4PLKK-R4NFW-BL7DR-FXCAN-DNXMA Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 203ms
63ms Script
application/javascript 2a02:26f0:2c:2b0::11a6
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/4PLKK-R4NFW-BL7DR-FXCAN-DNXMA
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c:2b0::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: max-age=604800
timing-allow-origin: *
content-encoding: br
customappheader: mpulse-ab-boomr__git__361fdb1__git__361fdb1__p19.alsi10-lite
content-length: 50393
date: Sun, 17 Nov 2024 04:55:04 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Jul 2024 15:04:55 GMT
vary: Accept-Encoding

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2
fonts.gstatic.com/s/opensans/v28/ 42 KB
42 KB 39ms
39ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6FxZCJgg.woff2

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/pf/dist/components/combinations/default.css?d=604

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

d2999dd8b1e89b9bb0e522a363c0feb6c1a9c6f992ba78ec8a50477245d33c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.publimetro.co
Referer: https://www.publimetro.co/

Response headers

age: 307804
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:25:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:25:00 GMT
last-modified: Tue, 01 Mar 2022 22:01:53 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42540
x-xss-protection: 0
server: sffe

GET
H2 200 AJ4LQPZHKNHOBGFHRCEMHWUVRA.jpg
www.publimetro.co/resizer/v2/ 38 KB
38 KB 773ms
772ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/resizer/v2/AJ4LQPZHKNHOBGFHRCEMHWUVRA.jpg?smart=true&auth=dc69ef1bd7f1ee2a19eec5036425f0060dcc3d3d466e23243a023727c309ac20&width=1440&height=810
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: aa3d667f460d2d7bf2f0d9d438664fab902e9f8403988e21d3332cb58cac852c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=30049033
x-arc-ttl: 31536000
etag: "46060ccb49e29338006bc5ae86328b6f"
expires: Thu, 30 Oct 2025 23:52:18 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=698, origin; dur=0, ak_p; desc="1731819304796_34846347_129271250_69996_29732_38_0_219";dur=1
content-length: 38974
date: Sun, 17 Nov 2024 04:55:05 GMT
x-arc-request-id: 0.8bb61302.1731819304.7b485d2
last-modified: Wed, 30 Oct 2024 23:52:53 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 site-service-hierarchy Show response
www.publimetro.co/pf/api/v3/content/fetch/ 1 KB
857 B 361ms
361ms Fetch
application/json 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/api/v3/content/fetch/site-service-hierarchy?query=%7B%22feature%22%3A%22header-nav-chain%22%2C%22hierarchy%22%3A%22main-nav-full%22%7D&filter=%7Bchildren%7B_id%2Cchildren%7B_id%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%2Cdisplay_name%2Cname%2Cnode_type%2Curl%7D%7D&d=604&_website=mwncolombia
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/pf/dist/engine/react.js?d=604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: f42995e03c09dcf524626efef026d8d94006f42c0dd73095d284d92f3c9f9d11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
If-Modified-Since: 1731818969533
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: max-age=41
content-encoding: gzip
x-arc-ttl: 120
etag: W/"4ed-GXDgLbSWXWZgYI9FS0ipsGspCUE"
x-arc-pb-request-id: a3f254fb-fb2f-459a-b57b-55c529ee6bca, a3f254fb-fb2f-459a-b57b-55c529ee6bca
expires: Sun, 17 Nov 2024 04:55:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=310, origin; dur=0, ak_p; desc="1731819305097_34846347_129271578_31002_13104_39_0_219";dur=1
content-length: 379
date: Sun, 17 Nov 2024 04:55:05 GMT
x-arc-request-id: 0.8bb61302.1731819305.7b4871a
last-modified: Sun, 17 Nov 2024 04:49:29 GMT
content-type: application/json; charset=utf-8
server: openresty
vary: accept-encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 112 KB
34 KB 137ms
60ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/pf/dist/components/combinations/default.js?d=604

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

85a07c31b499201b76e75e330e0cc570e3d39283a8a9a1212db428b5837bd627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: br
etag: 203 / 20044 / m202411120102 / config-hash: 13223844563403868853
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 04:55:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 34445
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
106 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7GY9YFFT40&l=dataLayer&cx=c&gtm=45He4bc0h1v9183107035za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4HVNVCB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a3d80cc8377774502f300353c816f5fea05291b3d5347d46ab5bba07f49f49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 17 Nov 2024 04:55:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 108412
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 166 KB
45 KB 174ms
100ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1765
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc231b65510f6790491839c591fbe3174666aadfe0ebdfaebeab994c497a0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.publimetro.co
Referer: https://www.publimetro.co/

Response headers

cache-control: max-age=1800
content-encoding: gzip
cf-cache-status: EXPIRED
x-envoy-upstream-service-time: 14
cf-ray: 8e3d206178e22a08-CDG
x-response-time: 1ms
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 45977
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sun, 17 Nov 2024 04:55:05 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/8623982/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

15 KB
5 KB

41ms
40ms

Script
application/javascript

18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"e577c18a64fa27d73bcdf0c0433579b5"
age: 1844
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: QiysG_MHwmBXSaK00tuWYNXzqW_499grjvMXoGAtHfKOXyi8aLuKYg==
date: Sun, 17 Nov 2024 04:24:22 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 08:38:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/default/beacon.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 7GtEz4M-Eb3_jELEBYLWL-v0N3rfUkr2flNxxpaU4GYidWsW8FF7uQ==
date: Sun, 17 Nov 2024 04:55:05 GMT
x-amz-cf-pop: FRA56-P11

GET
H2 200 tag Show response
a.teads.tv/page/57819/ 2 KB
894 B 220ms
68ms Script
application/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/57819/tag
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4HVNVCB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: caf50df498e3ed8aec05ea0649098795ab177e09a14ef53c7180f91c13c17b5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: no-cache, must-revalidate, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: *
content-length: 584
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 190ms
39ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4HVNVCB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

x-amz-id-2: mQ06S+7MnmI8R21V6ee0EVFMlcfkflc/vxwaVWHy0+TuUyqVHelvHcKN7MHXyS4YZWKX2XkX3VY=
cache-control: private, max-age=3600
content-encoding: br
etag: "d86492df4bad2a485597bfa437c78ad2"
x-amz-version-id: IwRCxZF1T4gMT4TMeNkDrOCkruVfKfAe
x-amz-request-id: SK64P053Y7ZMW32R
accept-ranges: bytes
content-length: 3393
date: Sun, 17 Nov 2024 04:55:05 GMT
last-modified: Wed, 28 Feb 2024 14:26:38 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 151ms
58ms Script
application/javascript 2606:4700::6811:207c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:207c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: max-age=3600
content-encoding: gzip
cf-cache-status: HIT
etag: W/"642de12c-36d1"
age: 3567
cf-ray: 8e3d20618cbad2de-FRA
expires: Sun, 17 Nov 2024 04:55:38 GMT
access-control-allow-origin: *
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 df6e58947b08_8aaf3596ab5ab95af644bbe8.vendor.js Show response
selectivesummer.com/build/ 67 KB
24 KB 182ms
63ms Script
text/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://selectivesummer.com/build/df6e58947b08_8aaf3596ab5ab95af644bbe8.vendor.js

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01cc30cd7999d3abb85496bd3ce4503bf09e7f248c90e458f5ba6ccdef915c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"dddbcee121c324137d8f13a3bc06730bde7983598db3783918d99b7f01b1d1b9"
x-buildname: hoothoot
x-hostname: fen-hoothoot-europe-west1-spot-j80q
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Language
strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8e3d2061bf6d9753-FRA
x-buildnumber: 1528792020
server: cloudflare

GET index.json
api.readmetro.com/colombia/ 0
0

GET
H2 200 content-api-collections Show response
www.publimetro.co/pf/api/v3/content/fetch/ 4 KB
2 KB 425ms
425ms Fetch
application/json 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/api/v3/content/fetch/content-api-collections?query=%7B%22content_alias%22%3A%22destacado-home-colombia%22%2C%22feature%22%3A%22card-list%22%2C%22from%22%3A0%2C%22size%22%3A5%7D&filter=%7Bcontent_elements%7B_id%2Ccredits%7Bby%7B_id%2Cadditional_properties%7Boriginal%7Bbyline%7D%7D%2Cname%2Ctype%2Curl%7D%7D%2Cdisplay_date%2Cheadlines%7Bbasic%7D%2Cowner%7Bsponsored%7D%2Cpromo_items%7Bbasic%7B_id%2Cauth%7B1%7D%2Cfocal_point%7Bx%2Cy%7D%2Ctype%2Curl%7D%2Clead_art%7Bpromo_items%7Bbasic%7B_id%2Cauth%7B1%7D%2Cfocal_point%7Bx%2Cy%7D%2Ctype%2Curl%7D%7D%2Ctype%7D%7D%2Cwebsites%7Bmwncolombia%7Bwebsite_section%7Bname%7D%2Cwebsite_url%7D%7D%7D%7D&d=604&_website=mwncolombia
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/pf/dist/engine/react.js?d=604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: openresty /
Resource Hash: 3889a78d543494024bf188bdee26312093b4ddb6cce1185dd1f97d4a4d33884b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: max-age=204
content-encoding: gzip
x-arc-ttl: 300
etag: W/"10db-j7nRBowUIpnL+qgxhmtEVU/IeJg"
x-arc-pb-request-id: 106caffa-a72f-4772-ba69-e7131e630426, 106caffa-a72f-4772-ba69-e7131e630426
expires: Sun, 17 Nov 2024 04:58:29 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=363, origin; dur=0, ak_p; desc="1731819305133_34846347_129271671_37396_16598_38_0_219";dur=1
content-length: 1565
date: Sun, 17 Nov 2024 04:55:05 GMT
x-arc-request-id: 0.8bb61302.1731819305.7b48777
content-type: application/json; charset=utf-8
last-modified: Sun, 17 Nov 2024 04:53:29 GMT
server: openresty
vary: Accept-Encoding

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 4 KB
1 KB 264ms
119ms XHR
application/json 2a02:26f0:2c:28c::11a6
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=4PLKK-R4NFW-BL7DR-FXCAN-DNXMA&d=www.publimetro.co&t=5772731&v=1.720.0&sl=0&si=6b620162-2bd6-45a1-86f9-4a4d61a1ae09-sn2wbs&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=734296
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/4PLKK-R4NFW-BL7DR-FXCAN-DNXMA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2c:28c::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 922fdccfd54a8df223e7e7320b7d64248e90ddc578bb04a8f8078170957f4946

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
content-encoding: gzip
access-control-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1040
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 139ms
46ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7GY9YFFT40&gtm=45je4bc0v875268347z89183107035za200zb9183107035&_p=1731819304715&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&cid=302816916.1731819305&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731819305&sct=1&seg=0&dl=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&dt=Nequi%20Glitch%20apk%20coge%20popularidad%20y%20genera%20grandes%20riesgos%20para%20los%20usuarios%20que%20la%20usan%20%E2%80%93%20Publimetro%20Colombia&en=page_view&_fv=1&_nsi=1&_ss=1&ep.autor_name=Karen%20Rozo%20Gal%C3%A1n%3A%20%40krozo5&ep.main_category=Tecnolog%C3%ADa&ep.origin=N%2FA&ep.GPT=false&ep.sourceInArc=composer&ep.isCloned=false&ep.isShared=false&ep.isSharedIn=mwncolombia&ep.statusCode=200&ep.forcedContent=false&tfd=1653
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GY9YFFT40&l=dataLayer&cx=c&gtm=45He4bc0h1v9183107035za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.publimetro.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
548 B 156ms
48ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7GY9YFFT40&cid=302816916.1731819305&gtm=45je4bc0v875268347z89183107035za200zb9183107035&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7GY9YFFT40&l=dataLayer&cx=c&gtm=45He4bc0h1v9183107035za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.publimetro.co
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 124ms
50ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7GY9YFFT40&cid=302816916.1731819305&gtm=45je4bc0v875268347z89183107035za200zb9183107035&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855&tag_exp=101925629~102067555~102067808~102077855&z=159415586

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 17 Nov 2024 04:55:05 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/ 489 KB
152 KB 39ms
39ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: br
etag: 17605025942849661478
age: 43583
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 16:48:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 16 Nov 2024 16:48:42 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155155
x-xss-protection: 0
server: cafe

GET
H2 200 51231 Show response
tag.navdmp.com/u/ 1 KB
942 B 165ms
164ms Script
application/javascript 2606:4700::6811:207c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/51231
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:207c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4ea64e37e6281fbdf773b39af7ce27ed1fb098fe98e6997396b9575f10785d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: max-age=3600
content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"6137b329-5bb"
cf-ray: 8e3d20620d6ad2de-FRA
expires: Sun, 17 Nov 2024 05:55:05 GMT
access-control-allow-origin: *
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript
last-modified: Tue, 07 Sep 2021 18:44:57 GMT
server: cloudflare

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 165ms
39ms Image
image/gif 2600:9000:223f:8c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?service=ad&adid=xsrmnm&adnum=8662305
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age: 8978
x-cache: Hit from cloudfront
x-amz-cf-id: dg0dGzqmjQVLuk0MsykzAIxS7QvioUltYlTfqvAdDCTaN2LDagJwRg==
date: Sun, 17 Nov 2024 02:25:28 GMT
content-type: image/gif
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: FRA56-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 41ms
40ms Image
text/plain 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=8623982&cs_fpcu=bce217f4ac6d40c68b6fa374e6b92484&cs_it=b9&cv=4.9.0%2B2410250554&ns__t=1731819305291&ns_c=UTF-8&cs_cfg=111&c7=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&c8=Nequi%20Glitch%20apk%20coge%20popularidad%20y%20genera%20grandes%20riesgos%20para%20los%20usuarios%20que%20la%20usan%20%E2%80%93%20Publimetro%20Colombia&c9=
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

via: 1.1 49c384ab63de091c5f4d1534f8845d0c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: ax3VktN-0K5GHcJLNdgjwVi0gTYejXz0QN5COt20o4xWCo5wl7Cd2w==
date: Sun, 17 Nov 2024 04:55:05 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

GET
H2 200 teads-format.min.js Show response
a.teads.tv/static/master/media/format/v3/ 496 KB
115 KB 41ms
40ms Script
text/javascript 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/57819/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76bfe7c70c4b005427f3e09d9c0cee4529e5785b1a5c8dd6da58c4340543390a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

x-amz-id-2: lU9APVKSIs/XnvHsATK2QxupCEhV7SfEpJts+3AZ2F6dB9bUT8qyvBiQj9sz+JKtkiPS/mH7/ro=
cache-control: private, must-revalidate, max-age=222
content-encoding: br
etag: "ad2beea8898b176f7a2f3c1635500f3d"
x-amz-request-id: NTR1CJS5GX845Y0W
accept-ranges: bytes
content-length: 117580
date: Sun, 17 Nov 2024 04:55:05 GMT
last-modified: Wed, 13 Nov 2024 09:41:46 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
369 B 216ms
69ms Fetch
text/plain 23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_10331&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=90769f5&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Observe-Browsing-Topics: ?1
Expires: Sun, 17 Nov 2024 04:55:05 GMT
Access-Control-Allow-Origin: https://www.publimetro.co
Content-Length: 0
Date: Sun, 17 Nov 2024 04:55:05 GMT
Content-Type: text/plain; charset=UTF-8

GET
H2 200 206696744 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 177ms
71ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/206696744?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2eaaffeda464b83f9093c87a9c710b5773617fb6e89452b2aa7868d14715e17c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ziwrhbmA7O3PYjriBiu_3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Vr57upNN4MKqI11MShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYmegaG8QUGAIo9QDY"
content-security-policy: script-src 'report-sample' 'nonce-ziwrhbmA7O3PYjriBiu_3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 89 B
886 B 173ms
42ms Fetch
application/json 57.129.37.210
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1765
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.210 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns3219527.ip-57-129-37.eu
Software: istio-envoy /
Resource Hash: 16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.publimetro.co/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.publimetro.co
content-length: 99
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 usr Show response
usr.navdmp.com/ 359 B
429 B 183ms
169ms Script
application/javascript 2606:4700::6811:207c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=51231&u=1&new=1&wst=0&wct=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:207c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc58c5d933af8b68c10a43e30ac59832def432fee27fa9f1e88ca39d9c67ca2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

act: f0
cache-control: max-age=3600
content-encoding: gzip
cf-cache-status: DYNAMIC
pragma: public
cf-ray: 8e3d20632f11d2de-FRA
expires: Sun, 17 Nov 2024 05:55:05 GMT
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript
server: cloudflare

GET
H2 200 track
t.teads.tv/ 23 B
105 B 243ms
61ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=4c169729-7631-4831-a451-17bb382201bd&pageId=57819&pid=62866&debug_metadata=k33bmFrkhj&fv=1399&ts=1731819305477&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: private, max-age=3666
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
135 B 244ms
62ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=4c169729-7631-4831-a451-17bb382201bd&pageId=57819&pid=62866&slot=native&fv=1399&ts=1731819305481&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
105 B 262ms
80ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=3056826f-2279-4ff4-b859-86e453d25f2e&pageId=57819&pid=94124&debug_metadata=0MkMyfWswg&fv=1399&ts=1731819305484&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: private, max-age=3666
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
135 B 255ms
74ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=3056826f-2279-4ff4-b859-86e453d25f2e&pageId=57819&pid=94124&slot=multislot&fv=1399&ts=1731819305485&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
105 B 246ms
65ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=127f69f5-f4c4-4b81-8319-6909271ff91a&pageId=57819&pid=97638&debug_metadata=T4cKAxLWtV&fv=1399&ts=1731819305486&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: private, max-age=3666
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
135 B 254ms
73ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=127f69f5-f4c4-4b81-8319-6909271ff91a&pageId=57819&pid=97638&slot=multislot&fv=1399&ts=1731819305487&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
105 B 74ms
73ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=fa9b3005-6fd0-447c-9b1a-286d5849ee43&pageId=57819&pid=139559&debug_metadata=1Ox0n6RIDU&fv=1399&ts=1731819305490&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: private, max-age=3666
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
135 B 74ms
73ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=fa9b3005-6fd0-447c-9b1a-286d5849ee43&pageId=57819&pid=139559&slot=multislot&fv=1399&ts=1731819305491&f=1&referer=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: image/gif

POST
H2 200 ad Show response
a.teads.tv/page/57819/ 472 B
698 B 99ms
98ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/57819/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&auctid=4c169729-7631-4831-a451-17bb382201bd&autoplay=true&formatVersion=1399&env=js-web&netBw=10&ttfb=331
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: af7118787f31fe970861417270f8ba6370eba6394ef861558ce752f678d8811f

Request headers

Referer: https://www.publimetro.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json; charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sun, 17 Nov 2024 04:55:05 GMT
access-control-allow-origin: https://www.publimetro.co
content-length: 333
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
vary: Accept-Encoding

POST
H2 200 ad Show response
a.teads.tv/page/57819/ 473 B
697 B 68ms
68ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/57819/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&auctid=3056826f-2279-4ff4-b859-86e453d25f2e&autoplay=true&formatVersion=1399&env=js-web&netBw=10&ttfb=331
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4276065f313a39cf673178ff6ca92d2cd77c5b653770726d66c18abb5cfb1617

Request headers

Referer: https://www.publimetro.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json; charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sun, 17 Nov 2024 04:55:05 GMT
access-control-allow-origin: https://www.publimetro.co
content-length: 332
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
vary: Accept-Encoding

POST
H2 200 ad Show response
a.teads.tv/page/57819/ 473 B
700 B 86ms
85ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/57819/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&auctid=127f69f5-f4c4-4b81-8319-6909271ff91a&autoplay=true&formatVersion=1399&env=js-web&netBw=10&ttfb=331
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 90eac14536b25f78f409a95297743fbde789628ca437c6e96c96c0b436d32bf3

Request headers

Referer: https://www.publimetro.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json; charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sun, 17 Nov 2024 04:55:05 GMT
access-control-allow-origin: https://www.publimetro.co
content-length: 335
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
vary: Accept-Encoding

POST
H2 200 ad Show response
a.teads.tv/page/57819/ 474 B
699 B 66ms
64ms Fetch
application/json 95.101.149.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/57819/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&auctid=fa9b3005-6fd0-447c-9b1a-286d5849ee43&autoplay=true&formatVersion=1399&env=js-web&netBw=10&ttfb=331
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cff24b888a4d9a7e8e9b781b87dd25dcbc0f226a727d1eeefdc1982aa61d7801

Request headers

Referer: https://www.publimetro.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json; charset=UTF-8
Content-Type: text/plain;charset=UTF-8

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Sun, 17 Nov 2024 04:55:05 GMT
access-control-allow-origin: https://www.publimetro.co
content-length: 334
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
vary: Accept-Encoding

GET
H2 200 LCUDVSHEVBGINHNXZN4YF4HXVU.JPG
www.publimetro.co/resizer/v2/ 76 KB
76 KB 67ms
65ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/resizer/v2/LCUDVSHEVBGINHNXZN4YF4HXVU.JPG?smart=true&auth=b55b1a627159c6017593e9584d64e671f4f1df4f78a318d0acd9b873f0841ca6&width=1508&height=1128
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 1fce959df35470a0b991181b3c69623a25359d789c7483b91e590c4274ac5ceb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=31457517
x-arc-ttl: 31536000
etag: "97492c039db7989601f63f72a0b19217"
expires: Sun, 16 Nov 2025 07:07:02 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1731819305570_34846347_129272114_276_18161_37_0_146";dur=1
content-length: 77790
date: Sun, 17 Nov 2024 04:55:05 GMT
x-arc-request-id: 0.8bb61302.1731819305.7b48932
last-modified: Sat, 16 Nov 2024 07:08:10 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 FPKKSGNGDJEDTI7VHK6R5T5P3Y.JPG
www.publimetro.co/resizer/v2/ 26 KB
26 KB 113ms
112ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/resizer/v2/FPKKSGNGDJEDTI7VHK6R5T5P3Y.JPG?smart=true&auth=ba978e811c48d7d38356d119319754db1b3735f063e231c4da7bea1e7f95e4cd&width=420&height=280
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: db62d79d37245e43fc5e816a6ea03165994c624d11722660dabe41d657692bc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=31513381
x-arc-ttl: 31536000
etag: "e2954e952fe528896b1c09a5afc017f1"
expires: Sun, 16 Nov 2025 22:38:06 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=19, ak_p; desc="1731819305582_34846347_129272115_3192_26356_37_0_146";dur=1
content-length: 26130
x-serial: 1417
date: Sun, 17 Nov 2024 04:55:05 GMT
last-modified: Sat, 16 Nov 2024 22:39:14 GMT
content-type: image/avif
server: Akamai Image Manager
x-arc-request-id: 0.8bb61302.1731819305.7b48933

GET
H2 200 DKACSJB7JVG4PHLMII4DMUPUUU.jpeg
www.publimetro.co/resizer/v2/ 12 KB
13 KB 72ms
72ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/resizer/v2/DKACSJB7JVG4PHLMII4DMUPUUU.jpeg?smart=true&auth=ae17064cb5bd6d642fbba244ac723c433cb5884b74358f9a0fdd1d133aba2c33&width=420&height=280
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 1eb31dc3aed951e7bcc2efcd902ab9a023b31929e3e499a4fc80063b0830d3a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=31507836
x-arc-ttl: 31536000
etag: "10e94fae225d9a6be649b14112755b7f"
expires: Sun, 16 Nov 2025 21:05:41 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819305571_34846347_129272116_331_16745_37_0_146";dur=1
content-length: 12561
x-serial: 786
date: Sun, 17 Nov 2024 04:55:05 GMT
last-modified: Sat, 16 Nov 2024 21:07:29 GMT
content-type: image/avif
server: Akamai Image Manager
x-arc-request-id: 0.8bb61302.1731819305.7b48934

GET
H2 200 C4ERJCSMTVF73CLPUA4L3WAEZA.jpg
www.publimetro.co/resizer/v2/ 15 KB
15 KB 74ms
73ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/resizer/v2/C4ERJCSMTVF73CLPUA4L3WAEZA.jpg?smart=true&auth=fdd67566f1732a00cb1c054f136224e0cf33e2275126a6374d7f7fd9c4eb5d16&width=420&height=280
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a28473257f40516659142016c518a1f4bd532ec124bcac82c120bffb74420fc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=31504496
x-arc-ttl: 31536000
etag: "9d700a78259e97bff1a2fd3388dcec7a"
expires: Sun, 16 Nov 2025 20:10:01 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1731819305570_34846347_129272117_710_16452_37_0_146";dur=1
content-length: 14871
x-serial: 1499
date: Sun, 17 Nov 2024 04:55:05 GMT
last-modified: Sat, 16 Nov 2024 20:11:21 GMT
content-type: image/avif
server: Akamai Image Manager
x-arc-request-id: 0.8bb61302.1731819305.7b48935

GET
H2 200 ZA2EPWOEKZBBHDAYWTT62BZB24.jpg
www.publimetro.co/resizer/v2/ 13 KB
13 KB 113ms
113ms Image
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.publimetro.co/resizer/v2/ZA2EPWOEKZBBHDAYWTT62BZB24.jpg?smart=true&auth=d716d12ab640fba86d7711d201eeae489369cfba0dccb434752eb953d4af8501&width=420&height=280
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 34dc6cf23ff4c3ffe119d3173aed966d7e13c57f74eeb65bd8e7638e7f6f1e0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=31502937
x-arc-ttl: 31536000
etag: "54b5e2950d4f5979fd71798cabb80ff0"
expires: Sun, 16 Nov 2025 19:44:02 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=22, ak_p; desc="1731819305570_34846347_129272118_2275_33905_37_0_146";dur=1
content-length: 13393
x-serial: 982
date: Sun, 17 Nov 2024 04:55:05 GMT
last-modified: Sat, 16 Nov 2024 19:43:18 GMT
content-type: image/avif
server: Akamai Image Manager
x-arc-request-id: 0.8bb61302.1731819305.7b48936

POST
H3 200 d9e91b_8c7a4c89554989915dbbc950c536e54c74b742e9dae5de Show response
selectivesummer.com/submit/ 303 B
723 B 177ms
119ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://selectivesummer.com/submit/d9e91b_8c7a4c89554989915dbbc950c536e54c74b742e9dae5de

Requested by

Host: selectivesummer.com
URL: https://selectivesummer.com/build/df6e58947b08_8aaf3596ab5ab95af644bbe8.vendor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0e03a1a54caf5f60e7bed1cacdb42ff2d4b2d8e13f96947108fda8ccf5369e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.publimetro.co/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-spot-27rk
expires: Sun, 17 Nov 2024 04:55:04 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8e3d20646d034522-TXL
access-control-allow-origin: https://www.publimetro.co
x-buildnumber: 1528792020
server: cloudflare

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
472 B 41ms
41ms Fetch
application/json 57.129.37.210
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1765
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.210 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns3219527.ip-57-129-37.eu
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.publimetro.co/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.publimetro.co
content-length: 42
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 175ms
161ms Script
application/x-javascript 2606:4700::6811:207c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&id=157a43ce63784391aaa32ed55810%7C0&acc=51231&tit=Nequi%2520Glitch%2520apk%2520coge%2520popularidad%2520y%2520genera%2520grandes%2520riesgos%2520para%2520los%2520usuarios%2520que%2520la%2520usan%2520%25u2013%2520Publimetro%2520Colombia&url=https%253A%2F%2Fwww.publimetro.co%2Ftecnologia%2F2023%2F07%2F21%2Fnequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi%2F&upd=1&new=1&h1=Nequi%2520Glitch%253A%2520Est%25E1n%2520estafando%2520a%2520usuarios%2520que%2520descargan%2520supuesta%2520nueva%2520versi%25F3n%2520de%2520Nequi
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:207c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cf-ray: 8e3d20645890d2de-FRA
content-length: 6
cf-cache-status: DYNAMIC
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/x-javascript
server: cloudflare

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ 170 B
410 B 154ms
50ms Script
image/png 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=92245577315

Requested by

Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Sun, 17 Nov 2024 04:55:05 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel-sync.sitescout.com/connectors/navegg/usersync?redir=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D35%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/connectors/navegg/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.navdmp.com%2Fsync%3Fprtid%3D35%26uid%3D%7BuserId%7D
https://sync.navdmp.com/sync?prtid=35&uid=ab58c551-4f1f-40ae-a9ca-6155318e852d-67397729-5553

6 B
57 B

174ms
159ms

Image
application/javascript

2606:4700::6811:207c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=35&uid=ab58c551-4f1f-40ae-a9ca-6155318e852d-67397729-5553
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Server: 2606:4700::6811:207c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cf-ray: 8e3d20658ac6d2de-FRA
content-length: 6
cf-cache-status: DYNAMIC
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript
server: cloudflare

Redirect headers

cache-control: max-age=0,no-cache,no-store
location: https://sync.navdmp.com/sync?prtid=35&uid=ab58c551-4f1f-40ae-a9ca-6155318e852d-67397729-5553
pragma: no-cache
via: 1.1 google
expires: Tue, 11 Oct 1977 12:34:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
content-length: 0
date: Sun, 17 Nov 2024 04:55:05 GMT
server: A

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=6b346739-772a-4900-a914-44c45da3c4e5

43 B
153 B

159ms
159ms

Image
image/gif

2606:4700::6811:207c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=6b346739-772a-4900-a914-44c45da3c4e5
Requested by: Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/
Protocol: H2
Server: 2606:4700::6811:207c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

cf-ray: 8e3d20673d2dd2de-FRA
content-length: 43
cf-cache-status: DYNAMIC
date: Sun, 17 Nov 2024 04:55:06 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare

Redirect headers

X-Permitted-Cross-Domain-Policies: all
X-Content-Type-Options: nosniff
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date: Sun, 17 Nov 2024 04:55:06 GMT
Content-Type: image/gif
Strict-Transport-Security: 31536000
Cache-Control: no-cache,no-store,must-revalidate
location: https://sync.navdmp.com/sync?img=1&mdia=6b346739-772a-4900-a914-44c45da3c4e5
Pragma: no-cache
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Referrer-Policy: strict-origin
Access-Control-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Server: MT3 1668 f41eadd master ord ord-pixel-x1 config_version:"2417"

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
108 B

99ms
81ms

Image
text/html

2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Sun, 17 Nov 2024 04:55:05 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-length: 257
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: text/html
content-language: en
server: ATS

GET
H2 200 AGSKWxXnRTj36sCuOU5SE7g9BhQRXVtAZDoDFm1wpCgO3EgNtXlgXYbRtIvaSMRzWxRbL_rtZ6h0Vs1j68sdH9CbNPPhESYRvHSI_OnVnQD870XsLSYV5RVxD80VrfoL57jpqnwLx-piTA== Show response
fundingchoicesmessages.google.com/f/ 1003 KB
114 KB 147ms
145ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXnRTj36sCuOU5SE7g9BhQRXVtAZDoDFm1wpCgO3EgNtXlgXYbRtIvaSMRzWxRbL_rtZ6h0Vs1j68sdH9CbNPPhESYRvHSI_OnVnQD870XsLSYV5RVxD80VrfoL57jpqnwLx-piTA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxODE5MzA1LDc0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucHVibGltZXRyby5jby90ZWNub2xvZ2lhLzIwMjMvMDcvMjEvbmVxdWktZ2xpdGNoLWVzdGFuLWVzdGFmYW5kby1hLXVzdWFyaW9zLXF1ZS1kZXNjYXJnYW4tc3VwdWVzdGEtbnVldmEtdmVyc2lvbi1kZS1uZXF1aS8iLG51bGwsW1s4LCJlc3l2NDVNNmJ0MCJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMzu5g8zSqkKVOk8Cvk0s5GaEH6-zA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33533da15cd6b5a0a3f8a8ce37547c596ff4c770f5effe9b22b3fabb713861ad

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GAWmDwkF4bzRfOElEUWkLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:05 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Vr57upNNYMbKc3OZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQ1N9AwM4wsMAIp0QCQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-GAWmDwkF4bzRfOElEUWkLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 144ms
53ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.esyv45M6bt0.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy4SE4AZ8w3BG0yx1rAtxHDZG_e1w/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

27976d5e0e7d8174a3c9d99d52cd59cbba2f7f9598f3262236a273612658f694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 04:55:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 04:55:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 VccEQ5JV2ZXbyILMNzF3PCyfAx1l6tNMvKtsfBKQjLVWxNKn5rxtW-Lh9oJXP2CclkAUXrE0pjh4UxZC5DcliRHBoQK1r9ndOzcVdDF_ox6JGH_r4Ui0XQ=h60
lh3.googleusercontent.com/ 5 KB
5 KB 141ms
39ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/VccEQ5JV2ZXbyILMNzF3PCyfAx1l6tNMvKtsfBKQjLVWxNKn5rxtW-Lh9oJXP2CclkAUXrE0pjh4UxZC5DcliRHBoQK1r9ndOzcVdDF_ox6JGH_r4Ui0XQ=h60

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

21b413e5d8a5133b405c11192ef795fe58b9f0cd9a6515008990083adb5eb96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10835
x-content-type-options: nosniff
expires: Mon, 18 Nov 2024 01:54:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 01:54:31 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5150
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 39ms
39ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: www.publimetro.co
URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.publimetro.co
Referer: https://www.publimetro.co/

Response headers

age: 307605
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:28:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:28:21 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxWPwioCrfqa6uQDlkshYpx1kH77LJE2BSNrz0X4am5L56lvkTERRcJ_vaLex4nGfBPyMsMJ9vgGDdIb0IyleslSEq4cy_RsrGZwQ2v7DaixG9-ARcngrVaS181Xl1m84fjOwMpa9g== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 99ms
51ms XHR
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPwioCrfqa6uQDlkshYpx1kH77LJE2BSNrz0X4am5L56lvkTERRcJ_vaLex4nGfBPyMsMJ9vgGDdIb0IyleslSEq4cy_RsrGZwQ2v7DaixG9-ARcngrVaS181Xl1m84fjOwMpa9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Us7YwMnx2OtCKQPsy_QGbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.publimetro.co/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:06 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uZY9e7pTjaBHX9nOCi5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0NDQxM9A9P4AgMAMJUo8w"
content-security-policy: script-src 'report-sample' 'nonce-Us7YwMnx2OtCKQPsy_QGbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.publimetro.co
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWPwioCrfqa6uQDlkshYpx1kH77LJE2BSNrz0X4am5L56lvkTERRcJ_vaLex4nGfBPyMsMJ9vgGDdIb0IyleslSEq4cy_RsrGZwQ2v7DaixG9-ARcngrVaS181Xl1m84fjOwMpa9g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2WrMw8SPiAkKQDttaGxT4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.publimetro.co/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 04:55:06 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uZY9e7pTjaBBzOXOyi5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjE0NDQxM9A9P4AgMAIowoww"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2WrMw8SPiAkKQDttaGxT4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.publimetro.co
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 a
www.googletagmanager.com/ 0
14 B 47ms
46ms Image
text/html 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=674892459&rv=4bc0&tag_exp=101925629~102067555~102067808~102077855&u=AAAAAAAIAAAAACCAAAE&h=Ag&gtm=45je4bc0v875268347za200zb9183107035&ccid=75268347&cid=G-7GY9YFFT40&l=L1130.S19.B15.E1059.I1193.EC5.TC15.HTC0~gtm.init.S0.V0.E30.TS5ogt1pdatav2.TI10.TE2.TS5ccdgalast.TI12.TE0.TS5ccdautoredact.TI13.TE0.TS5ccdconversionmarking.TI14.TE0.TS5ccdemvideo.TI15.TE0.TS5ccdemsitesearch.TI16.TE0.TS5ccdemscroll.TI17.TE0.TS5ccdempageview.TI18.TE0.TS5ccdemoutboundclick.TI19.TE0.TS5ccdemdownload.TI20.TE1.TS5ccdgaregscope.TI21.TE1.TS5ogtgooglesignals.TI22.TE0.TS5setproductsettings.TI23.TE0.TS5ccdgafirst.TI24.TE0~gtm.js.S0.V0.E19.TS5gct.TI1.TE0~gtm.dom.S0.V0.E17~gtm.load.S0.V0.E0~gtm.init_consent.S1.V0.E27~GA523

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Sun, 17 Nov 2024 04:55:06 GMT
x-xss-protection: 0
content-type: text/html
server: Google Tag Manager

GET
H2 200 favicon-32x32.png
www.publimetro.co/pf/resources/dist/global/img/ 2 KB
2 KB 52ms
52ms Other
image/avif 2a02:26f0:2780:6::214:f586
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.publimetro.co/pf/resources/dist/global/img/favicon-32x32.png?d=604
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2780:6::214:f586 , Netherlands, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c61ff45ee98ae7e7ec5804f6c935d0ce35b0863183fae0216c50d4fb49788df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/

Response headers

cache-control: private, no-transform, max-age=30445953
x-arc-ttl: 31536000
etag: W/"67161273c8c0432b2b924d7e1a111b7e"
expires: Tue, 04 Nov 2025 14:07:39 GMT
access-control-allow-origin: *
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1731819306292_34846347_129272817_40_13502_43_0_219";dur=1
content-length: 2126
x-serial: 822
date: Sun, 17 Nov 2024 04:55:06 GMT
last-modified: Mon, 04 Nov 2024 14:08:40 GMT
content-type: image/avif
server: Akamai Image Manager
x-arc-request-id: 0.8bb61302.1731819306.7b48bf1

POST
H2 204 /
02179916.akstat.io/ 0
230 B 174ms
169ms Ping
image/gif 2a02:26f0:2c:2b0::11a6
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://02179916.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/4PLKK-R4NFW-BL7DR-FXCAN-DNXMA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:2c:2b0::11a6 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.publimetro.co/

Response headers

cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
pragma: no-cache
access-control-allow-credentials: true
expires: Sun, 17 Nov 2024 04:55:06 GMT
access-control-allow-origin: https://www.publimetro.co
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
date: Sun, 17 Nov 2024 04:55:06 GMT
content-type: image/gif

GET
H/1.1

200
OK

results.txt Show response
kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pe2hwro0a
https://kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

237ms
39ms

XHR
text/plain

2.16.238.8
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2.16.238.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-238-8.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8
Date: Sun, 17 Nov 2024 04:55:06 GMT
Content-Type: text/plain
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage

Redirect headers

Access-Control-Allow-Origin: *
Location: https://kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net/eum/results.txt
Content-Length: 0
Date: Sun, 17 Nov 2024 04:55:06 GMT
Server: AkamaiGHost
Connection: keep-alive

GET
H/1.1

200
OK

results.txt Show response
fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pe2hwro0a
https://fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

181ms
38ms

XHR
text/plain

2a02:26f0:3500:16::215:149b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.publimetro.co/

Response headers

ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 8
Date: Sun, 17 Nov 2024 04:55:06 GMT
Content-Type: text/plain
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage

Redirect headers

Access-Control-Allow-Origin: *
Location: https://fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net/eum/results.txt
Content-Length: 0
Date: Sun, 17 Nov 2024 04:55:06 GMT
Server: AkamaiGHost
Connection: keep-alive

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
781 B 43ms
42ms Fetch
application/json 57.129.37.210
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1765
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 57.129.37.210 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns3219527.ip-57-129-37.eu
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.publimetro.co/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.publimetro.co
content-length: 2
date: Sun, 17 Nov 2024 04:55:06 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.readmetro.com
URL: https://api.readmetro.com/colombia/index.json

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.publimetro.co/	1969-12-31 23:59:59	Name: arc-geo Value: {"country_code":"DE"}
.publimetro.co/	1970-01-21 10:39:39	Name: _ga_7GY9YFFT40 Value: GS1.1.1731819305.1.0.1731819305.60.0.0
.publimetro.co/	1970-01-21 10:39:39	Name: _ga Value: GA1.1.302816916.1731819305
www.publimetro.co/	1970-01-21 10:25:15	Name: _scor_uid Value: bce217f4ac6d40c68b6fa374e6b92484
.publimetro.co/	1970-01-21 05:24:14	Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1731819305%2C%22currentVisitStarted%22%3A1731819305%2C%22sessionId%22%3A%22f9c5d83b-02c6-4851-be46-445559fea360%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3A%222023-07-21T21%3A14%3A17.380Z%22%7D
.publimetro.co/	1970-01-21 05:24:14	Name: ___nrbi Value: %7B%22firstVisit%22%3A1731819305%2C%22userId%22%3A%229bd864ee-e00a-453f-9eb1-69f0ca893534%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1731819305%2C%22timesVisited%22%3A1%7D
.publimetro.co/	1970-01-21 05:24:14	Name: compass_uid Value: 9bd864ee-e00a-453f-9eb1-69f0ca893534
.navdmp.com/	1970-01-21 09:49:36	Name: ac3 Value: 1
events.newsroom.bi/	1970-01-21 05:22:51	Name: 1765_u Value: 9bd864ee-e00a-453f-9eb1-69f0ca893534
events.newsroom.bi/	1969-12-31 23:59:59	Name: 1765_s Value: f9c5d83b-02c6-4851-be46-445559fea360
events.newsroom.bi/	1970-01-21 01:46:51	Name: 1765_lv Value: null
events.newsroom.bi/	1970-01-21 01:46:51	Name: 1765_ut Value: 0
.navdmp.com/	1970-01-21 10:39:39	Name: nid Value: 157a43ce631d4a80efc922784d10\|1\|347
.publimetro.co/	1970-01-21 09:49:15	Name: nvg51231 Value: 157a43ce63784391aaa32ed55810\|0_323
.sitescout.com/	1970-01-21 09:49:15	Name: ssi Value: ab58c551-4f1f-40ae-a9ca-6155318e852d#1731819305740
.publimetro.co/	1970-01-21 10:32:27	Name: _awl Value: 2.1731819305.5-a3b54c4192f8f1d109e5cc2dc97bb09e-6763652d6575726f70652d7765737431-0
.sitescout.com/	1970-01-21 01:46:51	Name: _ssuma Value: eyI2NSI6MTczMTgxOTMwNTc4OH0
.mathtag.com/	1970-01-21 10:29:34	Name: uuid Value: 6b346739-772a-4900-a914-44c45da3c4e5

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/ Message: Access to fetch at 'https://api.readmetro.com/colombia/index.json' from origin 'https://www.publimetro.co' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.readmetro.com/colombia/index.json Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://www.publimetro.co/tecnologia/2023/07/21/nequi-glitch-estan-estafando-a-usuarios-que-descargan-supuesta-nueva-version-de-nequi/ Message: Refused to execute script from 'https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=92245577315' because its MIME type ('image/png') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179916.akstat.io
a.teads.tv
api.readmetro.com
at.teads.tv
c.go-mpulse.net
cdn-images.mailchimp.com
cdn.navdmp.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
events.newsroom.bi
fiaqjiathaajgkqce3ydkaaacztts5zk-pe2hwr-961488ea0-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
kd7qo6yccdxaqzzzo4va-pe2hwr-1670edfee-clientnsv4-s.akamaihd.net
lh3.googleusercontent.com
pixel-sync.sitescout.com
pixel.mathtag.com
region1.analytics.google.com
s.go-mpulse.net
sb.scorecardresearch.com
sdk.mrf.io
securepubads.g.doubleclick.net
selectivesummer.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.navdmp.com
t.teads.tv
tag.navdmp.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
ups.analytics.yahoo.com
usr.navdmp.com
www.google.de
www.googletagmanager.com
www.metroworldnews.com
www.publimetro.co
api.readmetro.com
104.18.25.111
13.32.27.111
142.250.185.67
142.250.185.78
142.250.186.104
142.250.186.131
172.217.18.2
172.67.159.162
18.244.18.32
2.16.238.8
2001:4860:4802:34::36
216.200.232.249
216.58.206.66
23.212.89.35
23.32.185.35
2600:9000:223f:8c00:8:48e:53c0:93a1
2606:4700::6811:207c
2606:4700::6812:186f
2a00:1288:80:807::1
2a00:1450:4001:80e::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2001
2a00:1450:400c:c04::9b
2a02:26f0:2780:6::214:f586
2a02:26f0:2c:28c::11a6
2a02:26f0:2c:2b0::11a6
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:149b
34.36.216.150
57.129.37.210
95.101.149.35
01cc30cd7999d3abb85496bd3ce4503bf09e7f248c90e458f5ba6ccdef915c57
06ed0d809178333c4cc4e1442b50e1f2e076b947466c4a204202fc90df34f833
071d0a5d172af491aedca9041f20e830d25fd4d339a1006bca3bed949069aa30
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
16c6db2264fc4692b56c6684fc47601ab5f09dd4110f3f8e1497fb223e1e1240
183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83
18489d9a92bd48aafd9ca375c6eb0ac16946b0cb5bd4da2f3e026642cd473de1
19fd44588db28dba8d984e1f30b4773bd7eba9f2df9e468cc7c020d55e32552c
1ca5ba518cf0e75a3db0b77e8520ff3573ddd4eeb30370ce26aa3422fc23d554
1eb31dc3aed951e7bcc2efcd902ab9a023b31929e3e499a4fc80063b0830d3a3
1fce959df35470a0b991181b3c69623a25359d789c7483b91e590c4274ac5ceb
21b413e5d8a5133b405c11192ef795fe58b9f0cd9a6515008990083adb5eb96c
27976d5e0e7d8174a3c9d99d52cd59cbba2f7f9598f3262236a273612658f694
2eaaffeda464b83f9093c87a9c710b5773617fb6e89452b2aa7868d14715e17c
2f0b7264810a4f05251ac724721a5a3a61887cff9bd30e1fbbc1bc832e94d38a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33533da15cd6b5a0a3f8a8ce37547c596ff4c770f5effe9b22b3fabb713861ad
34dc6cf23ff4c3ffe119d3173aed966d7e13c57f74eeb65bd8e7638e7f6f1e0b
3640d4e494a8b89fc8fbcfb3203b60a5ba9cfe67fbbe1e0a747a5b5349aa0701
3889a78d543494024bf188bdee26312093b4ddb6cce1185dd1f97d4a4d33884b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
410689fc7f64494db9f42cc9aa913631d79c4aa5d61b7df6da8866b080977b5e
4276065f313a39cf673178ff6ca92d2cd77c5b653770726d66c18abb5cfb1617
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cc58c5d933af8b68c10a43e30ac59832def432fee27fa9f1e88ca39d9c67ca2
5a3b7e99cfccc16836b858238fd8fc58a9aa23d3faf58d4ff1f750215fd9813b
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
76bfe7c70c4b005427f3e09d9c0cee4529e5785b1a5c8dd6da58c4340543390a
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
85a07c31b499201b76e75e330e0cc570e3d39283a8a9a1212db428b5837bd627
8dc231b65510f6790491839c591fbe3174666aadfe0ebdfaebeab994c497a0d5
90eac14536b25f78f409a95297743fbde789628ca437c6e96c96c0b436d32bf3
922fdccfd54a8df223e7e7320b7d64248e90ddc578bb04a8f8078170957f4946
9a3d80cc8377774502f300353c816f5fea05291b3d5347d46ab5bba07f49f49d
a0e03a1a54caf5f60e7bed1cacdb42ff2d4b2d8e13f96947108fda8ccf5369e9
a28473257f40516659142016c518a1f4bd532ec124bcac82c120bffb74420fc7
a7efd0a6a8d4b1937d7dbf763089be3109e16ef5d609edeeb75cf22f7f7f4be2
a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448
aa3d667f460d2d7bf2f0d9d438664fab902e9f8403988e21d3332cb58cac852c
af7118787f31fe970861417270f8ba6370eba6394ef861558ce752f678d8811f
bc3429264ce2c925e607cfb1b6aca8d8743bcd12f031ee66a641cffeed53ec7b
c61ff45ee98ae7e7ec5804f6c935d0ce35b0863183fae0216c50d4fb49788df0
caf50df498e3ed8aec05ea0649098795ab177e09a14ef53c7180f91c13c17b5b
ce4ea64e37e6281fbdf773b39af7ce27ed1fb098fe98e6997396b9575f10785d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff24b888a4d9a7e8e9b781b87dd25dcbc0f226a727d1eeefdc1982aa61d7801
d2999dd8b1e89b9bb0e522a363c0feb6c1a9c6f992ba78ec8a50477245d33c39
d6a58f7d1814138ce7fb2194b071c7100cdfc3d30a95eef8223329dc65774bbf
db62d79d37245e43fc5e816a6ea03165994c624d11722660dabe41d657692bc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42995e03c09dcf524626efef026d8d94006f42c0dd73095d284d92f3c9f9d11
ff76becf7041ec65613ecadbf496b567c500589b20bd0cba000a3e465ccbc0b9

www.publimetro.co Open in urlscan Pro 2a02:26f0:2780:6::214:f586 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

91 %HTTPS

47 %IPv6

24 Domains

37 Subdomains

30 IPs

7 Countries

1600 kBTransfer

6477 kBSize

18 Cookies

1 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.publimetro.co Open in urlscan Pro
2a02:26f0:2780:6::214:f586 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

91 %
HTTPS

47 %
IPv6

24
Domains

37
Subdomains

30
IPs

7
Countries

1600 kB
Transfer

6477 kB
Size

18
Cookies

74 HTTP transactions
0 data transactions