www.metrotvnews.com Open in urlscan Pro
103.225.66.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Submission: On October 12 via manual (October 12th 2023, 2:00:55 am UTC) from ID — Scanned from DE

Summary HTTP 216 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 71 IPs in 15 countries across 64 domains to perform 216 HTTP transactions. The main IP is 103.225.66.90, located in Indonesia and belongs to IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID. The main domain is www.metrotvnews.com. The Cisco Umbrella rank of the primary domain is 895928.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 7th 2022. Valid for: a year.

This is the only time www.metrotvnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	103.225.66.90 103.225.66.90	45734 (IDNIC-MET...) (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia)
5	103.225.66.102 103.225.66.102	45734 (IDNIC-MET...) (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia)
3	103.225.66.86 103.225.66.86	45734 (IDNIC-MET...) (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.193.55 151.101.193.55	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:2250:7000:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	63.33.97.132 63.33.97.132	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
12	217.182.178.224 217.182.178.224	16276 (OVH) (OVH)
2 5	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.251.190.219 34.251.190.219	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
5	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 6	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
1	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	143.204.98.64 143.204.98.64	() ()
1	143.204.215.19 143.204.215.19	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.110 13.32.99.110	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4092	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	2.19.105.180 2.19.105.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	18.193.237.199 18.193.237.199	16509 (AMAZON-02) (AMAZON-02)
2 2	54.76.89.191 54.76.89.191	16509 (AMAZON-02) (AMAZON-02)
1 1	54.166.53.84 54.166.53.84	14618 (AMAZON-AES) (AMAZON-AES)
5 5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	54.197.99.246 54.197.99.246	14618 (AMAZON-AES) (AMAZON-AES)
3 4	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:970f:dde0:5c57:1e8b	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	50.31.142.127 50.31.142.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
5 5	52.213.189.61 52.213.189.61	16509 (AMAZON-02) (AMAZON-02)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	35.214.166.207 35.214.166.207	15169 (GOOGLE) (GOOGLE)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	72.251.241.196 72.251.241.196	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 3	141.94.171.213 141.94.171.213	16276 (OVH) (OVH)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
216	71

32 103.225.66.90 (Indonesia)

ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID)
PTR: ip66-90.metrotvnews.com

www.metrotvnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.225.66.102 (Indonesia)

ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID)
PTR: ip66-102.metrotvnews.com

cdn01.metrotvnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.225.66.86 (Indonesia)

ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID)
PTR: ip66-86.metrotvnews.com

va.medcom.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:7000:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.33.97.132 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-97-132.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.251.190.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-190-219.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adasia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.64 (United States)

ASN- ()
PTR: server-143-204-98-64.fra50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-19.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-110.fra60.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4092 (United States)

ASN13335 (CLOUDFLARENET, US)

as.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.105.180 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-105-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.224.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Weil am Rhein, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.193.237.199 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-237-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.89.191 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-89-191.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.53.84 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-53-84.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.197.99.246 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-99-246.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.237 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:970f:dde0:5c57:1e8b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.127 (Hickory Hills, United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.213.189.61 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-189-61.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.166.207 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 207.166.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.171.213 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	metrotvnews.com www.metrotvnews.com — Cisco Umbrella Rank: 895928 cdn01.metrotvnews.com — Cisco Umbrella Rank: 380235	470 KB
28	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	293 KB
23	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581 ads.pubmatic.com — Cisco Umbrella Rank: 588 image6.pubmatic.com — Cisco Umbrella Rank: 967 simage2.pubmatic.com — Cisco Umbrella Rank: 959 image2.pubmatic.com — Cisco Umbrella Rank: 1116 simage4.pubmatic.com — Cisco Umbrella Rank: 1354	32 KB
20	googlesyndication.com b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	200 KB
13	smartadserver.com 1 redirects prg-apac.smartadserver.com — Cisco Umbrella Rank: 10674 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	5 KB
10	criteo.com 3 redirects bidder.criteo.com — Cisco Umbrella Rank: 895 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 dis.criteo.com — Cisco Umbrella Rank: 648	15 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 acdn.adnxs.com — Cisco Umbrella Rank: 663	20 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 334 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 657 aax.amazon-adsystem.com — Cisco Umbrella Rank: 426 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1086	69 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 624	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	294 KB
5	yandex.ru bs.yandex.ru — Cisco Umbrella Rank: 13295	929 B
5	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 5335	2 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 rtb.openx.net — Cisco Umbrella Rank: 912 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919 adasia-d.openx.net — Cisco Umbrella Rank: 30705	1 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3616 c1.adform.net — Cisco Umbrella Rank: 643	3 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2979	3 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	15 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073 sync.crwdcntrl.net — Cisco Umbrella Rank: 1011	13 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3315	1 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465	898 B
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 387	1 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	75 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 16330	77 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	246 KB
3	medcom.id va.medcom.id — Cisco Umbrella Rank: 477666	73 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 31389	2 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1270	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5121	562 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	771 B
2	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	551 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	297 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 5494	1 KB
2	adlooxtracking.com as.adlooxtracking.com — Cisco Umbrella Rank: 488050 data00.adlooxtracking.com — Cisco Umbrella Rank: 12968	27 KB
2	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 29167 s.trvdp.com — Cisco Umbrella Rank: 27427	131 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	3 KB
2	anymind360.com anymind360.com — Cisco Umbrella Rank: 18222	173 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2536	555 B
1	dotomi.com pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4048	104 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024	518 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 3540	438 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 6854	276 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 6415	368 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 1000	793 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1504	283 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 2092	552 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1165	225 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 602	664 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 637	379 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 847	187 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 952	611 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 915	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617	524 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 929	588 B
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 21514	606 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 24937	2 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1319	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
0	gammaplatform.com Failed cm-supply-web.gammaplatform.com Failed
0	mrtnsvr.com Failed ad.mrtnsvr.com Failed
216	64

	Domain	Requested by
32	www.metrotvnews.com	www.metrotvnews.com
22	securepubads.g.doubleclick.net	va.medcom.id securepubads.g.doubleclick.net anymind360.com www.metrotvnews.com www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
12	prg-apac.smartadserver.com	anymind360.com
9	simage2.pubmatic.com	ads.pubmatic.com
7	image2.pubmatic.com	ads.pubmatic.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	gum.criteo.com	2 redirects static.criteo.net anymind360.com
5	match.prod.bidr.io	5 redirects
5	cm.g.doubleclick.net	5 redirects
5	www.googletagservices.com	securepubads.g.doubleclick.net
5	bs.yandex.ru	anymind360.com
5	prebid.ad.smaato.net	anymind360.com
5	ib.adnxs.com	2 redirects anymind360.com acdn.adnxs.com
5	cdn01.metrotvnews.com	www.metrotvnews.com
4	a.audrte.com	3 redirects ads.pubmatic.com
3	pixel.onaudience.com	3 redirects
3	c1.adform.net	2 redirects ads.pubmatic.com
3	x.bidswitch.net	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
3	static.criteo.net	securepubads.g.doubleclick.net anymind360.com static.criteo.net
3	cdn.izooto.com	va.medcom.id cdn.izooto.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.metrotvnews.com www.googletagmanager.com
3	va.medcom.id	www.metrotvnews.com va.medcom.id
2	loada.exelator.com	2 redirects
2	uipglob.semasio.net	1 redirects
2	d5p.de17a.com	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	match.adsrvr.org	ads.pubmatic.com
2	cr.frontend.weborama.fr	2 redirects
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	ads.avct.cloud	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	eus.rubiconproject.com	anymind360.com eus.rubiconproject.com
2	ads.pubmatic.com	anymind360.com ads.pubmatic.com
2	mug.criteo.com	www.metrotvnews.com
2	oajs.openx.net	1 redirects www.metrotvnews.com
2	c.amazon-adsystem.com	anymind360.com c.amazon-adsystem.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net anymind360.com
2	anymind360.com	va.medcom.id anymind360.com
2	region1.analytics.google.com	www.googletagmanager.com
1	match.adsby.bidtheatre.com	1 redirects
1	pubmatic-match.dotomi.com
1	ad.turn.com	1 redirects
1	mwzeom.zeotap.com
1	core.iprom.net	ads.pubmatic.com
1	ipac.ctnsnet.com	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	t.adx.opera.com	1 redirects
1	csync.loopme.me	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	bh.contextweb.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	adasia-d.openx.net	anymind360.com
1	acdn.adnxs.com	anymind360.com
1	data00.adlooxtracking.com	as.adlooxtracking.com
1	as.adlooxtracking.com	securepubads.g.doubleclick.net
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	hbopenbid.pubmatic.com	anymind360.com
1	bidder.criteo.com	anymind360.com
1	fastlane.rubiconproject.com	anymind360.com
1	rtb.openx.net	anymind360.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	www.google.de	www.metrotvnews.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	www.metrotvnews.com
0	cm-supply-web.gammaplatform.com Failed	ads.pubmatic.com
0	ad.mrtnsvr.com Failed	ads.pubmatic.com
216	96

This site contains links to these domains. Also see Links.

Domain
xtend.metrotvnews.com
www.facebook.com
twitter.com
api.whatsapp.com
social-plugins.line.me
news.google.com
career.metrotvnews.com
apps.apple.com
play.google.com
www.youtube.com
www.instagram.com
www.medcom.id
mediaindonesia.com
www.podme.id
www.lampost.co
inibaru.id

Subject Issuer	Validity	Valid
*.metrotvnews.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-07` - `2023-11-05`	a year	crt.sh
*.medcom.id Sectigo RSA Domain Validation Secure Server CA	`2022-12-08` - `2024-01-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
anymind360.com R3	`2023-08-26` - `2023-11-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2023-08-25` - `2024-08-24`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
adlooxtracking.com GTS CA 1P5	`2023-09-29` - `2023-12-28`	3 months	crt.sh
*.adlooxtracking.com R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.iprom.net R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Frame ID: 38DDA58F84EB744B87B032EDD8BAA7FC
Requests: 121 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: 53E22772750274D4ED5DCA6C9BA770BA
Requests: 1 HTTP requests in this frame

Frame: https://b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E736A4B208F04443AD34122EDEEF3747
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.metrotvnews.com
Frame ID: DFF0F075634DF1272799C2EADAFC03AA
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAbxZoAmOpU70bFWWpFhfVytcip9TN74MN_VlBT2zpdrhKE-D3Ki4cr_70Cryd3DfhkibAFvq0IkjXNrP93cqrsVUuIeEaUXKt-5Ue_NCbRVD_b3WCSncFRHFvpgjV-ioPcLZ2OWYrkIicFPDWSNJ5fEtriYhal2bzd9phUSPWBf8zMTGeX-WVniReCIBjJ4QgDd_oUphdipGWceld88AOkmr7tgs_eJx6uz-AvtWwjcAH4Ax35mWGOO4leIglFhSx1SpYP4c5ATKzCSBUM_hPhgN0FatgsaFXAVSVDWRW_tzDGzJnULPnCHzW7pBc3qGK1ge4lgBoJBVlPLEcbpIG-dyg&sai=AMfl-YTQ0LZJXybLMryT8U1WjfTDHhNkTtVU6HDsBoXkWo8Ss4iict4NJSJlzUUdtWIglVWQ5Aj10BJmO8mHgVLctNy5QRpcbKq2c1la9cgemWEm_SA6Pfs3L_s37MNgYioLygXINohGeYO1x4PGL582&sig=Cg0ArKJSzOEz_cT0b3Z1EAE&uach_m=[UACH]&adurl=
Frame ID: B92A575AAA03E73ED14746955A25F952
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6E9998C9CD668CE7721FB4BCB79198C7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10CAF1E0013E10B4A62AD38C40432F54
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7BF3F277CBEA6B1B126E78AB07C6EA85
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWEeZHveqk7MHpVeIzGc0Oj4RldxCgZ9rzDJ8LJyHZextXr4Y0l2BDRGnaiiPlFJ9XFCZGmMryVA07UemKu5zbV4Bb4mz4HfsQJH14Gw4pPvS9ntxF-IohLKLVQnZRyVuhWkL1LvHXzgZuKiE7e58WNrvoos2tkS4Qlf6_lr9PZk2NNfPBCyAbiSoZbFckPbLVC5TZ2v7PMTCxLSamBsZ8pJ5PLM7p7rB6sQ5SZdM6hUQM3Hy3aXhCEBMfFz3XWglqcmof_7oBCkdjVSUQPtkgZeUQnyZeO8JWfd32PxAn3Itcd2djwfR80-xHYxbP8vDq5xaOOL-9bHDwI0md0-xUUwL9wEXkknoEpCleCnLBgibNGeY&sai=AMfl-YRz8fjTrNfbUcjVd1gBdrTE3B-Jxl3kbkKSCZlLnOpuLI6s-_h63iuHrzOdyHqqqa3A2lO2Fnt42DlOn66Pm7y9cb2WEMS-sxgivIt_QmHYjhl1FhAa2uKnIw0drL8&sig=Cg0ArKJSzN5bNPXWDnK4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3CA868AAAA4842E184EFDFF2A1A6E6AA
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso_XpNy2TQIfuk4Ikk_fuDeEGWIrM1YG99MabLtzVoWOIY-ldjLSuOwNVPqgrrkrEFTuDFkoqTW8yca0MbBuktMPhYtBEWuPTD_r8uEbf3J3ZjZwZeecKOFNl72xEkvfN0UGyTXAx1bybf4hq7Coccnvm8ZLSwQjKQsvJADP-KJxHhqzt31kFABNf1sBibfExZsRyUkJs5gKdvoOcaz2tylybJgs7peG1uJu4Yy39SFR29bPTt4f1Q_qvVb-dEfwvEiglTwuOYo52G2ZZc7AGI2rVzHzSulYdXCNbs_7UZTIm06KyG8fWWzEdqpCGrA1b4fGwTVu4Avjw5WlqSCDaG-Er71LPhNk5JUnLecvPQ0LprHBFKLlo4AStC3J7g8FgpCbIDGhYNK4-TLKwkDsrc2-RsL3onmiFum30g&sai=AMfl-YR5ZnRQIcrPOcmWA7g9wNCMlOzW4WM_qoMvgZ1_-aR7M2S_I10k33cafj0LgeYoHDTYk4Fvf1nE9HIJVCGHAvvgG5SGCXnM4KWB1jdkm5VXsbZnP55B89iibwOBXiI&sig=Cg0ArKJSzDbhsKYMRqF-EAE&uach_m=[UACH]&adurl=
Frame ID: D562C1C69DF062FC71C7803E6A5ED86E
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8E7X9RnYhKyUw7rPL_WB7-AewHecL6qOooC-966-9U46sMeb7TGvXvysMtQ1FeGUyl1LV04vo3G_immHVMgpY_Z9MmI-K8QFWLDsYhmJ8P3LfzLZmpUUnU2381Ep0lIHyj04SuaNEWkxe7z-wJcW5CGW4lgyKDI8Jubi9cdsdSBaJ-ygFjCJfiMai6WmIhVZqX_qjDMNp2J0Dj_NM-7B9nbZmLmbHTPHvFuAthhBrjhnE1bN1XV-jHLFRN5gOg3pjzCOntbmWJ0Pl5W05cYWzXqFnXz9fxpzmPDIpWJz9PsbO9J-zXMPvbM4Oa_Nz06DfP5epdh7F5g2Ymr3fkJhSEg3F&sai=AMfl-YQCPyyOPgdZQLX0VxFDStdLjA74TRC5KfulKjaFSU_xp4ARHsVszVtFrAOy_6puW2bjmVGEFGR7GU8oFu82RKQfjIgIP6X0zXcQ1PviatL4ngS2sAJGRk900RkjhiM&sig=Cg0ArKJSzIAHQEMdMpCTEAE&uach_m=[UACH]&adurl=
Frame ID: 767F5D158A891FC3A928798C1E6918F0
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.metrotvnews.com
Frame ID: 31322C6C1C32896644BD1ECEE3109037
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXwFa-D2a22hZK_ADnBK-CmDI2Qt19Kzj9gH6-zOp6DOpJffftPZN8p15P53UM28N2FVy85lDMUjd9Uo8oDp5PsrrFonEOvP8QkXcj8Laiqy2wwV9wHH1yTzHl9F2Kqs836796vStDQDpHJrXV41IYzzOx8SCR_oh22FURmM_J8dHFuS2t-K7QgV9vtyNZ7zTz1Q0H0pdib_XpniDWUxKbb2Djf4faiXYADxOfbNBem60J-8Kf_J2safJfCQhzNstxXin0RCYE8Ptx4qlEYlG6UViRZROYrc0yyeJB6In_DuqmjnT3KQLEWMNuLmE_lpDlryA2wueCqvPCUrBW9-aK6tTI2THSvH-palKZ0iDUfVdcb2Dk78ehxOaa4eQgUjM6tCLgkNJral1WmCeE&sai=AMfl-YRDyHtr3y5TmUbqBf5zNTG0VGgkle1pX83u4jgdHsVTn9p7wLaKdWh0PK1EeomVnUskv8N2B2QjaDy5IJyIrBTesO3rSXfevyivKJGuOgwpBaqd1Ozg8cns4IT6YWs&sig=Cg0ArKJSzFW8mjPFBwSgEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2DC279CE6B01E13D40B09EEF9D71EBC3
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 220E0D296907C1BC62D5793CA6DEB5E8
Requests: 3 HTTP requests in this frame

Frame: https://adasia-d.openx.net/w/1.0/pd
Frame ID: 3DF3B547B3DB3EB59F681DBA8130EF0F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Frame ID: DFE07A7BC6F9EC9CB136E7876E4AAF5C
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E6E9DBBB5B467C05FC81120D1CF5EA3D
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 2DAE3F7EF154802CC24C5162DDB4676F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: E0E78F592F280485D8698A1C9132E177
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb
Frame ID: 91DA27F2D592BE752920BBA5CFBBE3C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7160140692651466434&gdpr=0&gdpr_consent=
Frame ID: D602495587ECF281A2C2FF7C9F4E24FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288886124990363787&gdpr=0&gdpr_consent=
Frame ID: 3F6943CFDA0B94DBA3CDF3C41345500A
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=59&user_id=ff7ff8a5-c517-4877-9a34-47e436d54898&ssp=pubmatic
Frame ID: 9849E29B1EDFF623BE70F1D9670605B6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cd194Yb8UC5yPwc1B-PkEVD_CsU&gdpr=0&gdpr_consent=
Frame ID: EA8410099D3D86C6472AD0EC26D49649
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent=
Frame ID: AD72FD65D280D330E098A2B2DF892B5E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 3EAD8EE810A5A83DAC3DDDA931C47309
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSdTUwAT_UMHIgA4
Frame ID: AD0CD769F0FB13074EE6671FB685A258
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABT307KTqcAABjhdsmXoA&gdpr=0&gdpr_consent=
Frame ID: 0B3BF9575386878C53113F99528B19D4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 1A14CA243D16E664A652369CD080C634
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1106d16dc43544dc8f18e9892ba8ba84
Frame ID: DE65B4DCFAA33EA8AF553AA1933CFC85
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 494B074CDD273EA51285AE18B325F917
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6883960685232961764
Frame ID: 7993BC6C84CFD2E61C82B236A4D6AD54
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630125041201
Frame ID: 9D12925BA6D59AEF434C648F3E5A2705
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3AF9ED1C772A54D8F821B63DC701010A
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: 310ABCC5E77059A1C8DBC1B1B00040CD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 624F94C4EECFA1B33B91E1F16FC9DDD5
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 173283BDFE1769A522E7874B555CE590
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buat Situs Bank BNI Palsu untuk Ambil Data Nasabah, Pria di Kalbar Ditangkap

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

216
Requests

91 %
HTTPS

28 %
IPv6

64
Domains

96
Subdomains

71
IPs

15
Countries

2310 kB
Transfer

6020 kB
Size

78
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://xtend.metrotvnews.com/
Title: Fanzone

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone&text=https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Search URL Search Domain Scan URL

URL: https://news.google.com/s/CBIw6anaoyE?sceid=ID:id&sceid=ID:id&r=0&oc=1
Title: akun google news Metrotvnews.com

Search URL Search Domain Scan URL

URL: https://career.metrotvnews.com/
Title: career

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/medcom-id/id1336402791

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.algostudio.metrotv

Search URL Search Domain Scan URL

URL: https://www.facebook.com/metrotv/

Search URL Search Domain Scan URL

URL: https://twitter.com/Metro_TV

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/metrotvnews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/metrotv/

Search URL Search Domain Scan URL

URL: https://www.medcom.id/

Search URL Search Domain Scan URL

URL: https://mediaindonesia.com/

Search URL Search Domain Scan URL

URL: https://www.podme.id/

Search URL Search Domain Scan URL

URL: https://www.lampost.co/

Search URL Search Domain Scan URL

URL: https://inibaru.id/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&rid=esp&cc=1

Request Chain 105

https://gum.criteo.com/sid/json?origin=publishertagids&domain=metrotvnews.com&sn=ChromeSyncframe&so=0&topUrl=www.metrotvnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uJamoXxpNXo2WG9ienIyK2tzQ3d6KzhuU01xaFBGTUVnU0UwRUx1S1ZkRnkzQnFPZXRtWWFtTVBGSWlSVE9BT3QyUkF6c0w0SjU2eG9JY2FkMDRjNU5RY1JLMjZVenEvQzdGejlwSnBUTFdWZnZCQWNLaFVHMUlNajdYdyt5dzFxblpGUDZPU1FsK3hhTXhPaEZUalp3LytYUDJOU3RSMUFhNmx6L21ZM3Zub2hwd3pkV1U0d0w2NmJxbHBSTWI0M1RGeU5lUzhuQ0xiTDVvN1RUWm5Nd0RzUTROTXY1V0hRdUl6Sk9WT24zTUxkUk9uUys5L1FBQ2kyUFMzdkMwTXV3V1BKUEVlRGlza0NROGlhcGlVYUZuaFN0Zz09fA&cppv=2

Request Chain 160

https://gum.criteo.com/sid/json?origin=publishertag&domain=metrotvnews.com&sn=ChromeSyncframe&so=3&topUrl=www.metrotvnews.com&bundle=QVkLhV9jdWJjNnI1T2hoYXRqalBBc0tkdkNJUFBIa21pRHYwak4lMkJxeEFWc3l1MjNOeEF5M1hsZU1VNlVwcXh6dTBDdDIlMkZrcktNczVtU2FwanZmR2lkb20xQTM5MTN3cTVaRURXOEFUMTF1emxkU1FsRWg5YllOeHY0R25XYTlGVWZmQnlyOXJLQ09yTnBwN3NmQkdvSEZra2hRJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pP1Go3xCd1hxbzROZFpLUWNHb1VsaUtzSkRHbHZ2bUNHTHdLaGw0OWNjbG8rdFM3NWd3Sm9Xc2JzKy9KcWZmNEVvRS9INUk3Mk9VSjM2MHZlTmVCcEJWVi84NlMrN09DdTNVengxbk0wQWVlNTJ2aHlqcml6cjNiTUNjS2FJWm1CaWxUYlVwZkRuZWluTzBydzBYRXRKempmQmJCUVVNbmhwQTNGTG5kUEoxM1owK05SWFVsTGU3ekFUWVpSVXlORmx2ZVkrbys4cnlKM2J1K1B0T2pUR2Frdm0rd0hqajJTeG9XQnAxN2JUcm1BbXhSUjNUYS96SHYrN1cwUmF3ZGluQkFNdXg2VDhHWGpGZk9oRTN1b3drY0hyVjg1VHh4MldOYkt5VWthUDRTNm0wST18&cppv=2

Request Chain 177

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 180

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 181

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 182

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb

Request Chain 183

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7160140692651466434&gdpr=0&gdpr_consent=

Request Chain 184

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288886124990363787&gdpr=0&gdpr_consent=

Request Chain 185

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=ff7ff8a5-c517-4877-9a34-47e436d54898&ssp=pubmatic

Request Chain 186

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cd194Yb8UC5yPwc1B-PkEVD_CsU&gdpr=0&gdpr_consent=

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjSQ3kstReuIWj1tLsU0WA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 189

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2610272151 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5A3490DE-4B2D-45EB-885A-3D6D2EC53458

Request Chain 190

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWRhb1NUZUYzekZSQXVPeDE3enN5bDRIUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=1568788287180738237&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUEzNDkwREUtNEIyRC00NUVCLTg4NUEtM0Q2RDJFQzUzNDU4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPinn8RVcVzTesy0FdVpC1Y&google_cver=1

Request Chain 194

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1568788287180738237

Request Chain 203

https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0

Request Chain 204

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSdTUwAT_UMHIgA4

Request Chain 205

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVDMwN0tUcWNBQUJqaGRzbVhvQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AABT307KTqcAABjhdsmXoA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABT307KTqcAABjhdsmXoA&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AABT307KTqcAABjhdsmXoA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8025994451557218396&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABT307KTqcAABjhdsmXoA&gdpr=0&gdpr_consent=

Request Chain 206

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 207

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1106d16dc43544dc8f18e9892ba8ba84

Request Chain 209

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6883960685232961764

Request Chain 210

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630125041201

Request Chain 216

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 217

https://pixel.onaudience.com/?partner=214&mapped=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e36ca90fd8c87aab/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=047cbfdd10bcbecc6a2dd01748cfb9a6&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 218

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3440014400086778441&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 220

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:73ece5f6-156a-4eff-a470-2efec3165a75&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

216 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap Show response
www.metrotvnews.com/read/ 57 KB
13 KB 1287ms
199ms Document
text/html 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2aa74ff360ff95b3d8b83b1af51dc38ed1278a754998233af831ec36d6867402

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: ngx-bal
content-encoding: gzip
content-length: 12726
content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 02:00:38 GMT
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 a_64f180b318f21.jpg
cdn01.metrotvnews.com/dynamic/content/2023/09/01/b1oC8y08/ 98 KB
99 KB 1163ms
465ms Image
image/jpeg 103.225.66.102
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.metrotvnews.com/dynamic/content/2023/09/01/b1oC8y08/a_64f180b318f21.jpg?w=720
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.225.66.102 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-102.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: afc70bfc5406877816229d5d0b7de4ba27eb604003ad3989fa34775256117a89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:39 GMT
last-modified: Fri, 01 Sep 2023 06:11:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64f180a9-3c862"
content-type: image/jpeg
cache-control: max-age=604800, public
content-length: 100822
expires: Thu, 19 Oct 2023 02:00:39 GMT

GET
H2 200 detail.css
www.metrotvnews.com/asset/css/ 41 KB
6 KB 212ms
211ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/detail.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 355539a6c554e9a1d2724ac8a3dcc5d7d3b7ce83c3807fb49c7e048f1c93f377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:38 GMT
content-encoding: gzip
last-modified: Mon, 09 Oct 2023 06:03:13 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "a5ab-60742586cd66e-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 6253

GET
H2 200 ads.css
www.metrotvnews.com/asset/css/ 9 KB
2 KB 213ms
212ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/ads.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 05981f32ab7b55783aea2849fa155694afcf61cd01f08e04a9c3a4865451cc2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:38 GMT
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 09:36:46 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "23c5-60512109cf21b-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1429

GET
H2 200 navbar-dropdown.css
www.metrotvnews.com/asset/css/ 2 KB
781 B 214ms
213ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/navbar-dropdown.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f402f5298c2df1fe758b9ea3f79dd4f27d7b67b460ae5230044e46feef509e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:38 GMT
content-encoding: gzip
last-modified: Fri, 28 Apr 2023 10:23:19 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60c-5fa62dcb263a2-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 579

GET
H2 200 navbar.css
www.metrotvnews.com/asset/css/ 2 KB
952 B 214ms
213ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/navbar.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9baa8eb6faa6c0051fcfbd49b870de9fade44bca484e071dc064b5895be93908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:38 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 10:25:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "816-606f5894c5f53-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 749

GET
H2 200 search-form.css
www.metrotvnews.com/asset/css/ 599 B
506 B 214ms
214ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/search-form.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5cdd64d68cefd95ee8b439f02c16e47d99b983cc6ba05663ee9afdb10056dd44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:38 GMT
content-encoding: gzip
last-modified: Mon, 13 Mar 2023 11:15:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "257-5f6c639c4163e-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 303

GET
H2 200 fontawesome-all.css
va.medcom.id/2018/default/css/ 57 KB
11 KB 886ms
188ms Stylesheet
text/css 103.225.66.86
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL

https://va.medcom.id/2018/default/css/fontawesome-all.css

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.225.66.86 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),

Reverse DNS

ip66-86.metrotvnews.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

2aa2c1304d4c912b456c6c405178101d6860786205755c164fcb16146b21f4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
last-modified: Thu, 13 Sep 2018 04:07:14 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 11 Oct 2024 02:00:39 GMT

GET
H2 200 logo.png
www.metrotvnews.com/asset/asset/ 15 KB
15 KB 432ms
431ms Image
image/png 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/logo.png
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3849cb314678f9f7cc4ef33c447af61564c9d064a11f1b6bb8169f0c2d0f459a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "3c3d-5bf1e1d8e3da7"
content-type: image/png
cache-control: ngx-bal
accept-ranges: bytes
content-length: 15421

GET
H2 200 facebook.svg
www.metrotvnews.com/asset/asset/icons/ 440 B
609 B 411ms
377ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/facebook.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5ea10287d4ebdda92b6ead9f13c6322af78e3fd898735f89b63edc096a625bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "1b8-5bf1e1d8e4d47"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 440

GET
H2 200 twitter.svg
www.metrotvnews.com/asset/asset/icons/ 2 KB
2 KB 411ms
377ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/twitter.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6990b6a5773c4a97e34bb01bdaf1ec0aefd719f70e403798b2196bcd9d00237c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "600-5bf1e1d8e5ce7"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1536

GET
H2 200 whatsapp.svg
www.metrotvnews.com/asset/asset/icons/ 3 KB
3 KB 622ms
589ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/whatsapp.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8b997f49575f783705822d33c15bb1f8b3ea4e770c972ece38ecc9f628ae01a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "a20-5bf1e1d8e5ce7"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 2592

GET
H2 200 line.svg
www.metrotvnews.com/asset/asset/icons/ 3 KB
3 KB 623ms
590ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/line.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3f2bc6856dae7db110921b9834dc1dfe15aa0e315e13b757ac218af7aad7a0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "b02-5bf1e1d8e4d47"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 2818

GET
H2 200 decrease-font.png
www.metrotvnews.com/asset/asset/icons/ 2 KB
2 KB 837ms
803ms Image
image/png 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/decrease-font.png
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a93164d573eb1fa9016111ca12919413da25acd55b3360c7b55fecc9c4f6960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "637-5bf1e1d8e6c87"
content-type: image/png
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1591

GET
H2 200 increase-font.png
www.metrotvnews.com/asset/asset/icons/ 2 KB
2 KB 837ms
804ms Image
image/png 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/increase-font.png
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c245c9c2413a010a24854d7699059a0ddd1df11874328a0ad61f007dda819e46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "687-5bf1e1d8e6c87"
content-type: image/png
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1671

GET
H2 200 night.png
www.metrotvnews.com/asset/asset/icons/ 2 KB
2 KB 837ms
805ms Image
image/png 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/night.png
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 05bd689b8e998e50efbfbc96dc391c86de020d355ceb5ed929b457e9c0afbcbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "807-5bf1e1d8e9b67"
content-type: image/png
cache-control: ngx-bal
accept-ranges: bytes
content-length: 2055

GET
H2 200 ic_apple.svg
www.metrotvnews.com/asset/asset/icons/ 1 KB
1 KB 838ms
805ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/ic_apple.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5d78bc6e2defbc823770a1d78fe6db355c2e502e548de2a335c9a7a02c8718e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Wed, 21 Jul 2021 07:34:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "413-5c79d3321307c"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1043

GET
H2 200 ic_android.svg
www.metrotvnews.com/asset/asset/icons/ 2 KB
2 KB 838ms
805ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/ic_android.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 438d28215cd087d42e6fd6bf3c5db89dd616d4a18cb94461d5d0f263a3be2734

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Wed, 21 Jul 2021 07:34:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "659-5c79d3321307c"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1625

GET
H2 200 youtube.svg
www.metrotvnews.com/asset/asset/icons/ 1 KB
1 KB 838ms
806ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/youtube.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6512a1f170f5d16039df9e723da7ce3fb0720b2047a14062600956bcadffebd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "469-5bf1e1d8e5ce7"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1129

GET
H2 200 instagram.svg
www.metrotvnews.com/asset/asset/icons/ 4 KB
4 KB 838ms
806ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/instagram.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d8fee409c09618c9d9a4e3f49f884bbd64a78d4995690a489b70c138495c91ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "e1d-5bf1e1d8e6c87"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 3613

GET
H2 200 medcom.webp
www.metrotvnews.com/asset/asset/group/ 4 KB
4 KB 1040ms
1009ms Image
image/webp 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/group/medcom.webp
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6823e5add77f6eaec0e4e8a866a90d339a572e6dfed67228fbbd6c01d74c62ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
cache-control: ngx-bal
last-modified: Wed, 27 Apr 2022 13:23:03 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "1058-5dda2b58d71bb"
content-length: 4184

GET
H2 200 mi.webp
www.metrotvnews.com/asset/asset/group/ 2 KB
2 KB 1041ms
1010ms Image
image/webp 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/group/mi.webp
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2a2b77d3ed0b0f80f10b9c2fb2d58af5c4195bee538064716ced60a8678fc5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
cache-control: ngx-bal
last-modified: Wed, 27 Apr 2022 13:23:03 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "7ac-5dda2b58d71bb"
content-length: 1964

GET
H2 200 podme.webp
www.metrotvnews.com/asset/asset/group/ 886 B
1 KB 1041ms
1010ms Image
image/webp 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/group/podme.webp
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1dc5020af06df23cd8ae8752d712384012d1676abe530e7ac48578d474e811bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
cache-control: ngx-bal
last-modified: Wed, 27 Apr 2022 13:23:03 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "376-5dda2b58d71bb"
content-length: 886

GET
H2 200 lampost.webp
www.metrotvnews.com/asset/asset/group/ 2 KB
2 KB 1041ms
1011ms Image
image/webp 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/group/lampost.webp
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 72eef0ef9440eb9509b3e7f37fae2e83ade79179cbcd0b77b04e075e75640fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
cache-control: ngx-bal
last-modified: Wed, 27 Apr 2022 13:23:03 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "8fa-5dda2b58d71bb"
content-length: 2298

GET
H2 200 inibaru.webp
www.metrotvnews.com/asset/asset/group/ 2 KB
2 KB 1238ms
1208ms Image
image/webp 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/group/inibaru.webp
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d627900b06adc1b2d1e80f4470022ac155f5a20f6a3455907f3f6124867961ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
cache-control: ngx-bal
last-modified: Wed, 27 Apr 2022 13:23:03 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "80e-5dda2b58d71bb"
content-length: 2062

GET
H2 200 loadlazy.min.js Show response
www.metrotvnews.com/asset/js/ 934 B
688 B 1239ms
1208ms Script
application/javascript 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/js/loadlazy.min.js
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7d8167e81a60c39c15a67f53529b6c0f32ed1815f3726abcb96f923a18ae29a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 09:38:35 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "3a6-606b889c1bde8-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: ngx-bal
accept-ranges: bytes
content-length: 475

GET
H2 200 loadjs.min.js Show response
va.medcom.id/2018/default/js/ 447 B
565 B 247ms
218ms Script
application/x-javascript 103.225.66.86
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL

https://va.medcom.id/2018/default/js/loadjs.min.js

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.225.66.86 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),

Reverse DNS

ip66-86.metrotvnews.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

0ffdea76a492845985238e5a85badbc4498ad7ce42bb533292c4f14844678748

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 08:46:13 GMT
server: nginx/1.10.3 (Ubuntu)
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Fri, 11 Oct 2024 02:00:40 GMT

GET
H2 200 detail.js Show response
www.metrotvnews.com/asset/js/ 4 KB
1 KB 1239ms
1209ms Script
application/javascript 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/js/detail.js
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 84482e374667508c6c938cb184cb92c732a4870d38bbe9564b1290091905afac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
content-encoding: gzip
last-modified: Thu, 05 Oct 2023 10:56:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "ffd-606f5f9588719-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: ngx-bal
accept-ranges: bytes
content-length: 915

GET
H2 200 banner.css
www.metrotvnews.com/asset/css/ 634 B
450 B 1736ms
1707ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/banner.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa9b924adf8dc54823c42e8a67ea784bd6cc71a60d407aa6c32c8e41c0b0f06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
content-encoding: gzip
last-modified: Mon, 17 Jul 2023 10:13:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "27a-600ac0b48efac-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 248

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 196ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Poppins:wght@400;600;700&display=swap

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/asset/css/detail.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d45c06c55c862f8ca80402ac23b22db6a5db57f23d13271334db0c6f7cdb5527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 12 Oct 2023 02:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 02:00:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 12 Oct 2023 02:00:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 171 KB
62 KB 137ms
19ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGJFFC2

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98e272eeb1d90d7b4a8a6d4989f01ae6623869fd67f5a5647b87f2db3598fdb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62587
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 12 Oct 2023 02:00:40 GMT

GET
H2 200 facebook.svg
www.metrotvnews.com/asset/asset/icons/ 440 B
609 B 1238ms
1209ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/facebook.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5ea10287d4ebdda92b6ead9f13c6322af78e3fd898735f89b63edc096a625bd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "1b8-5bf1e1d8e4d47"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 440

GET
H2 200 twitter.svg
www.metrotvnews.com/asset/asset/icons/ 2 KB
2 KB 1239ms
1210ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/twitter.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6990b6a5773c4a97e34bb01bdaf1ec0aefd719f70e403798b2196bcd9d00237c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "600-5bf1e1d8e5ce7"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1536

GET
H2 200 tag.svg
www.metrotvnews.com/asset/asset/icons/ 1 KB
1 KB 1236ms
1210ms Image
image/svg+xml 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/icons/tag.svg
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/asset/css/detail.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 95264f18a14d65f84244e149132ccb725ca676f1c76b491d940fb7b72a39f84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/asset/css/detail.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "46b-5bf1e1d8e5ce7"
content-type: image/svg+xml
cache-control: ngx-bal
accept-ranges: bytes
content-length: 1131

GET
H2 200 logo.png
www.metrotvnews.com/asset/asset/ 15 KB
15 KB 1732ms
1706ms Image
image/png 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metrotvnews.com/asset/asset/logo.png
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/asset/css/detail.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3849cb314678f9f7cc4ef33c447af61564c9d064a11f1b6bb8169f0c2d0f459a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/asset/css/detail.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
last-modified: Sun, 04 Apr 2021 04:35:49 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "3c3d-5bf1e1d8e3da7"
content-type: image/png
cache-control: ngx-bal
accept-ranges: bytes
content-length: 15421

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 101ms
0ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metrotvnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 6728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 00:08:32 GMT

GET
H2 200 fa-solid-900.woff2
va.medcom.id/2018/default/fonts/ 61 KB
61 KB 1086ms
625ms Font
application/octet-stream 103.225.66.86
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL

https://va.medcom.id/2018/default/fonts/fa-solid-900.woff2

Requested by

Host: va.medcom.id
URL: https://va.medcom.id/2018/default/css/fontawesome-all.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.225.66.86 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),

Reverse DNS

ip66-86.metrotvnews.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: https://va.medcom.id/2018/default/css/fontawesome-all.css
Origin: https://www.metrotvnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Thu, 13 Sep 2018 04:07:14 GMT
server: nginx/1.10.3 (Ubuntu)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 62472
expires: Fri, 11 Oct 2024 02:00:40 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 108ms
0ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metrotvnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 07:45:30 GMT
x-content-type-options: nosniff
age: 152110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Oct 2024 07:45:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 91ms
0ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Poppins:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.metrotvnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 498323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 07:35:17 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 281 KB
92 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-MPP2ZX5HJN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGJFFC2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d0f5fcb0f433ea61d20801e512a16a62efba126d01e607911fd1d014e8dbc98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94380
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Oct 2023 02:00:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
92 KB 65ms
65ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MPP2ZX5HJN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGJFFC2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2791a84e8b5ed85b9c4001360d543913aa36976a0b5108b662d2310c9b6ec69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 12 Oct 2023 02:00:40 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MPP2ZX5HJN&gtm=45je3ab0&_p=2103991623&_gaz=1&cid=497296648.1697076040&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697076040&sct=1&seg=0&dl=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&dt=Buat%20Situs%20Bank%20BNI%20Palsu%20untuk%20Ambil%20Data%20Nasabah%2C%20Pria%20di%20Kalbar%20Ditangkap&en=page_detail&_fv=1&_nsi=1&_ss=1&ep.dimension1=1186473&ep.dimension2=b1oC8y08&ep.dimension3=Headline%20News&ep.dimension4=polri%3Bpenipuan&ep.dimension5=Lukman%20Diah&ep.dimension6=2023-09-01%2013%3A11%3A39&ep.dimension7=nasional&ep.content_group1=%2Fprogram%2Fheadline-news
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MPP2ZX5HJN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MPP2ZX5HJN&cid=497296648.1697076040&gtm=45je3ab0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MPP2ZX5HJN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 41ms
18ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MPP2ZX5HJN&cid=497296648.1697076040&gtm=45je3ab0&aip=1&z=1470370670

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ats.js Show response
anymind360.com/js/10267/ 216 KB
45 KB 292ms
8ms Script
application/javascript 151.101.193.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/10267/ats.js

Requested by

Host: va.medcom.id
URL: https://va.medcom.id/2018/default/js/loadjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f703ce46e3cdc6222e2b657547d7291491673587a4d15b63e145de23163239d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Wed, 11 Oct 2023 05:03:42 GMT
date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 75419
x-guploader-uploadid: ADPycdt6yE9cBTlOWAHdMOBh9KO0NH61fzt3ouSehMweJoiWq0_wqSG4wQ8KeNyB6O1_BL9cCA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45249
x-served-by: cache-tyo11942-TYO, cache-fra-eddf8230057-FRA
last-modified: Tue, 10 Oct 2023 07:51:54 GMT
server: UploadServer
x-timer: S1697076041.481051,VS0,VE1
etag: "37e2d992c4d798d90743b17097edf7df"
vary: Accept-Encoding
x-goog-generation: 1696924314101895
x-goog-hash: crc32c=QzcBCw==, md5=N+LZksTXmNkHQ7Fwl+333w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 45249
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 19, 1

GET
H2 200 607795bdd7ff876ceceeb96841f172c46decb952.js Show response
cdn.izooto.com/scripts/ 949 B
811 B 68ms
24ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/607795bdd7ff876ceceeb96841f172c46decb952.js

Requested by

Host: va.medcom.id
URL: https://va.medcom.id/2018/default/js/loadjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a07edf6800e2c6929afaadefee0ae2a71d97819312d2e2f7cf38527b3a09717

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 14 Apr 2023 07:55:01 GMT
server: cloudflare
age: 1065081
etag: W/"643906d5-3b5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
cf-ray: 814bc029c922696a-FRA
x-xss-protection: 1; mode=block
expires: Fri, 20 Oct 2023 02:00:41 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 112ms
85ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: va.medcom.id
URL: https://va.medcom.id/2018/default/js/loadjs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652b69c4bc58e6f9f6b5f5e642d3762e1ceacf745e7f1cedce72fced9ffb6655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29906
x-xss-protection: 0
server: cafe
etag: 55 / 19642 / m202310050101 / config-hash: 11301574316168306510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:41 GMT

GET
H2 200 b1oC8y08
www.metrotvnews.com/hit/ 0
0 490ms
490ms Fetch
text/html 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/hit/b1oC8y08
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
server: nginx/1.14.0 (Ubuntu)
robots: noindex, nofollow
googlebot-news: noindex, nofollow
access-control-allow-origin: *
googlebot: noindex, nofollow
content-type: text/html; charset=UTF-8
cache-control: ngx-bal
content-length: 0

GET
H2 200 t_652681317b325.jpg
cdn01.metrotvnews.com/dynamic/content/2023/10/11/NLMC2LGL/ 80 KB
81 KB 1124ms
1122ms Image
image/png 103.225.66.102
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.metrotvnews.com/dynamic/content/2023/10/11/NLMC2LGL/t_652681317b325.jpg?w=300
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.225.66.102 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-102.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6ec36b3a15fd6c3a66e471654eb7b1928ca9d7cdd65166fad626afc6afe4205d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Wed, 11 Oct 2023 11:03:45 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65268111-7c831"
content-type: image/png
cache-control: max-age=604800, public
content-length: 82169
expires: Thu, 19 Oct 2023 02:00:41 GMT

GET
H2 200 t_6524f9f9f3ed6.jpg
cdn01.metrotvnews.com/dynamic/content/2023/10/10/bJECaOwE/ 103 KB
103 KB 3637ms
3636ms Image
image/png 103.225.66.102
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.metrotvnews.com/dynamic/content/2023/10/10/bJECaOwE/t_6524f9f9f3ed6.jpg?w=300
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.225.66.102 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-102.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 886ba39927e1263aa66bd76d1d551c931e8af7941863574151857e073d18d1a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Tue, 10 Oct 2023 07:14:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6524f9da-a6b12"
content-type: image/png
cache-control: max-age=604800, public
content-length: 105428
expires: Thu, 19 Oct 2023 02:00:41 GMT

GET
H2 200 t_651ebf476bbb1.jpg
cdn01.metrotvnews.com/dynamic/content/2023/10/05/KYVCDXj1/ 95 KB
95 KB 4644ms
4643ms Image
image/png 103.225.66.102
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.metrotvnews.com/dynamic/content/2023/10/05/KYVCDXj1/t_651ebf476bbb1.jpg?w=300
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.225.66.102 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-102.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b8a8c446732138bdede734f93198aea5574f683ccd06dca8f8100d8190d3ab81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 05 Oct 2023 13:50:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651ebf2a-a7207"
content-type: image/png
cache-control: max-age=604800, public
content-length: 97104
expires: Thu, 19 Oct 2023 02:00:41 GMT

GET
H2 200 t_651e967795b22.jpg
cdn01.metrotvnews.com/dynamic/content/2023/10/05/kWDCZYoJ/ 73 KB
0 4644ms
4643ms Image
image/png 103.225.66.102
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn01.metrotvnews.com/dynamic/content/2023/10/05/kWDCZYoJ/t_651e967795b22.jpg?w=300
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.225.66.102 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-102.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 05 Oct 2023 10:56:26 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"651e965a-149d40"
content-type: image/png
cache-control: max-age=604800, public
content-length: 110232
expires: Thu, 19 Oct 2023 02:00:41 GMT

GET t_651d24d0e301f.jpg
cdn01.metrotvnews.com/dynamic/content/2023/10/04/kM6CaLOY/ 0
0

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 319 KB
75 KB 26ms
25ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/607795bdd7ff876ceceeb96841f172c46decb952.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97cfcfd111e7ca2f439c0f65a65427fe462994af519b8db6f2f7832e3ee0a1c4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 11 Oct 2023 13:23:07 GMT
server: cloudflare
age: 45428
etag: W/"6526a1bb-4fd05"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1382400
cf-ray: 814bc029f941696a-FRA
x-xss-protection: 1; mode=block
expires: Sat, 28 Oct 2023 02:00:41 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame 53E2 4 KB
1 KB 25ms
24ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 2561522
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 814bc02a6974696a-FRA
content-encoding: br
content-type: text/html
date: Thu, 12 Oct 2023 02:00:41 GMT
expires: Sun, 12 Nov 2023 02:00:41 GMT
last-modified: Tue, 07 Feb 2023 10:27:13 GMT
server: cloudflare
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/ 419 KB
132 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 11:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134450
x-xss-protection: 0
server: cafe
etag: 18225737291834661133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 10 Oct 2024 11:44:00 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 51ms
8ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 02:40:33 GMT
content-encoding: gzip
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 84009
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: uR1sK5Yk52bhbV68u76hNHYib6Ri75PCMJ2mjdvOmvT7xlZSVuF7Lw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 65ms
25ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26809
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHOdLIBbYYztkQyhBDKGr2zi6NCrTDpV7catHDyNH9rOo0oL6pvKd2vFyZFuo5cd6cq1xayTgvAhcJSQz8BUQJVwP1QmlLD5HsgAip7uDYQ28dp6o8Ow6DzCWMB%2Fhld2NjASMLN%2BQCktWLi2nLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 814bc02b8b8a5d50-FRA

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 89ms
9ms Script
text/javascript 2600:9000:2250:7000:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:7000:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Wed, 11 Oct 2023 05:16:05 GMT
Via: 1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 74677
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: n6kFb28vVMhQYdv7hfnrOcJuegCO3DY1csfJavEwWShCHKajEO8EdQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
30 KB 61ms
26ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 10 Oct 2023 14:20:27 GMT
server: cloudflare
x-amz-request-id: PR4NR0C21YJ4GQEZ
age: 3396
etag: W/"88086289b3f2ebf319996b249365dbe2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 814bc02b7d744d62-FRA
x-amz-id-2: fSYlISByYfKI6XGD4gaCvRqVtwFpTIWrXiezNVJzFrvM1qK6X/do9jDRnjmcD+JC6A20LKVyy/+C31RqJYz4Pg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 47ms
8ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 19:33:05 GMT
content-encoding: gzip
age: 1492056
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 23 Sep 2024 19:33:05 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 63ms
23ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 201962
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 814bc02b8e1f2c5d-FRA
expires: Sun, 15 Oct 2023 02:00:41 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 86ms
43ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Oct 2023 02:00:41 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
22 KB 310ms
309ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=2579870324477158&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=20690672%2CD_Mtvn_Promo%2CMTVN%2CD_Mtvn_Detail_S1%2CD_Mtvn_Detail_S2%2CD_Mtvn_Detail_B1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2F3%2C%2F0%2F2%2F4%2C%2F0%2F2%2F5&prev_iu_szs=1200x75%2C300x250%2C300x600%2C970x90&ifi=1&didk=2126823798~2089400224~953243479~4220506602&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1697076041470&lmt=1697068841&adxs=0%2C1044%2C1044%2C-9&adys=156%2C399%2C1342%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=1600x75%7C300x250%7C300x600%7C0x-1&msz=1600x75%7C300x250%7C300x600%7C0x-1&fws=0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&dlt=1697076038641&idt=2791&adks=4222526332%2C1213857913%2C2585133085%2C4176520254&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83b5ac4c53baf09ca8a4e36c4e86ef2902ec917a2aebd3c861af7816b003007f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22075
x-xss-protection: 0
google-lineitem-id: -2,6392941438,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138449117100,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E736 6 KB
3 KB 132ms
33ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 02:00:41 GMT
expires: Fri, 11 Oct 2024 02:00:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/ats.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21036c18307a7423d572be042a94f57447408a66ad95a6df89d4daade5799f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29918
x-xss-protection: 0
server: cafe
etag: 875 / 19642 / 31078751 / config-hash: 11301574316168306510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:41 GMT

GET
H2 200 prebid_2023_10_10_7_51_37.js Show response
anymind360.com/js/10267/ 403 KB
129 KB 11ms
9ms Script
application/javascript 151.101.193.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/ats.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a7406b1bc29dc8502982b8eb273114577bc1667f975bc1798e9b89a0587a7a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 07:51:55 GMT
date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 67652
x-guploader-uploadid: ADPycduQPC7SBGGDPRO_SOXFEEcAu0H4MVg5XCcO_RQUHkcSFgq2wYuufISYPS7Xge1Iy1juprG7g3--7w
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 131258
x-served-by: cache-tyo11973-TYO, cache-fra-eddf8230057-FRA
last-modified: Tue, 10 Oct 2023 07:51:54 GMT
server: UploadServer
x-timer: S1697076042.522264,VS0,VE2
etag: "f2d23a30f5b121d81b0915288424d797"
vary: Accept-Encoding
x-goog-generation: 1696924314115031
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-goog-hash: crc32c=NueiZg==, md5=8tI6MPWxIdgbCRUohCTXlw==
access-control-expose-headers: Content-Type
cache-control: max-age=31536000, public
x-goog-stored-content-length: 131258
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 255 KB
63 KB 65ms
7ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 01:47:24 GMT
content-encoding: gzip
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified: Thu, 05 Oct 2023 19:43:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 798
x-amz-server-side-encryption: AES256
etag: W/"e1caada96468a3b669d0d0cc6ec9a23c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: Txb-Zsoy_seCrgOcgOgTrdvfpXQLfqwlQRimUc5NPpiS1vI9Edyomw==

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&rid=esp&cc=1

85 B
195 B

121ms
120ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&rid=esp&cc=1
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f46b06592cb0eb9cd7692ea7714762c0e9a573fefe788dcd57dbe6a7699947a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-hGvnJa/QNGC+v1kku+BiymajXfg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.metrotvnews.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 12 Oct 2023 02:00:41 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.metrotvnews.com
location: /esp?url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 104ms
31ms XHR
application/json 63.33.97.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.97.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-97-132.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: eb959a6e70b5c2d5085c8290c94cd35f4349bf542fd97ca61ff78830255c0997

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache
x-server: 10.45.10.250
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
235 B 57ms
7ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.metrotvnews.com
date: Thu, 12 Oct 2023 02:00:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 32ms
20ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

368046011ecb39040953abfdbea5f4b4449ae5b77fe45269856b855a07e01672

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35992
x-jsd-version: 1.0.1840
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"636-6nyfcbQ+X4B5hi4NB5HEcSDYM/Q"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpqNEqst1474EUubG2BADChlR0XJR9mTmwu1TcAthE5a6fksuKRLjDPM5SiMgMpMOrpgs3LJJPxZwKQfzX2%2Bol6271LecotaACox3aqP7FCyzS9%2BlBJ7Z0%2BRYOtt1J84V2nsx8BeHNWEyFZJwEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 814bc02c4f834dc0-FRA

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 181ms
18ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 181ms
19ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 171 B
566 B 210ms
47ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 182ms
19ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 181ms
19ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 182ms
19ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 200ms
20ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 202ms
20ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 202ms
20ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 201ms
19ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 202ms
20ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
341 B 220ms
18ms XHR
application/json 217.182.178.224
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS: ip224.ip-217-182-178.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
618 B 63ms
23ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
an-x-request-uuid: 8f3aeb9c-57cc-4383-8ffc-d25cc1395be6
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.197; 80.255.10.197; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
402 B 109ms
31ms XHR
text/plain 34.251.190.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.190.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-190-219.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/d0dfedc3d2b4db527276b4c01ad2470d?prettyPrint=true
access-control-allow-origin: https://www.metrotvnews.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 7f697c11-6feb-6bee-f812-2a114a4e7a21

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
402 B 135ms
59ms XHR
text/plain 34.251.190.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.190.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-190-219.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/2b3873c09478fdb105c21d844c5d0422?prettyPrint=true
access-control-allow-origin: https://www.metrotvnews.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 5df9ff63-69d8-e830-77aa-8b3401a06849

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
401 B 126ms
51ms XHR
text/plain 34.251.190.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.190.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-190-219.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/1b145547bd0c90ba728a4136ae28c10b?prettyPrint=true
access-control-allow-origin: https://www.metrotvnews.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 6cfbc4f5-f4b4-cc31-e389-ebbc27e77e2a

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
401 B 134ms
60ms XHR
text/plain 34.251.190.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.190.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-190-219.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/27471b566fc2505a60f052e55b4a4c29?prettyPrint=true
access-control-allow-origin: https://www.metrotvnews.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: e4490c81-a610-ceda-455a-bbeed9f18717

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
402 B 125ms
51ms XHR
text/plain 34.251.190.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.190.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-190-219.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
x-smt-trace: https://tracing.smaato.net/api/traces/409bb0de9f626f8a1d1a7a3f13a74b07?prettyPrint=true
access-control-allow-origin: https://www.metrotvnews.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 464570c9-93f2-cb46-4e2a-c837610686f0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
252 B 65ms
15ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a1081c94d81630d62359bd0ccc515e7bdf63265f7ee85e2caa71ae284860d30b

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.metrotvnews.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 996 B
3 KB 357ms
207ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17692&site_id=508908&zone_id=3038844%3B3051350%3B3051352%3B3049828%3B3051356&size_id=2%3B15%3B15%3B2%3B15&alt_size_ids=%3B2%2C16%3B2%2C16%3B55%3B2%2C16&rp_schain=1.0,1!anymanager.io,A4672,1,,,&rf=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&kw=MetroTV%2CHeadlineNews%2CBuatSitusBankBNIPalsuuntukAmbilDataNasabah%2CPriadiKalbarDitangkap%2Cpenipuan%2Cbankbni%2Ckalimatanbarat%2Cpolri%2C&tg_i.domain=metrotvnews.com&tg_i.page=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&tg_i.pbadslot=%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_top_320x50%2F%2F320x100%2F%2F970x90%2F%2F728x90%3Bats-insert_ads-1%3Bats-insert_ads-2%3B%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_anchor_sticky_320x100%2F%2F320x50%2F%2F728x90%2F%2F970x90%3Bats-insert_ads-14&tk_flint=pbjs_lite_v7.54.4&x_source.tid=231bfb91-7681-4fb4-9787-0cec34dabf59%3B29fbb156-269e-4333-a2ca-01faa320ff5b%3B2e725922-c4d4-47fa-879b-f56e6a229b13%3B4bdc87cb-986e-481e-b225-0d57b980c137%3B64b2a4a0-7f0f-40d8-b304-17bc71e881a2&l_pb_bid_id=330372ca5dede15%3B3405752248f390f%3B3537fcb263f6b2e%3B36675ad6aba6bf9%3B3771bf704232798&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=231bfb91-7681-4fb4-9787-0cec34dabf59%3B29fbb156-269e-4333-a2ca-01faa320ff5b%3B2e725922-c4d4-47fa-879b-f56e6a229b13%3B4bdc87cb-986e-481e-b225-0d57b980c137%3B64b2a4a0-7f0f-40d8-b304-17bc71e881a2&rp_maxbids=1&p_gpid=%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_top_320x50%2F%2F320x100%2F%2F970x90%2F%2F728x90%3B%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_mid_300x250%2F%2F336x280%2F%2F728x90%3B%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_below_300x250%2F%2F336x280%2F%2F728x90%3B%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_anchor_sticky_320x100%2F%2F320x50%2F%2F728x90%2F%2F970x90%3B%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_mid4_300x250%2F%2F336x280%2F%2F728x90&slots=5&rand=0.6325490100236884
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a37d909313227e4b4695af79ad01101828c85340a7003d11f59bd3b85fffc02a

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 3009961 Show response
bs.yandex.ru/prebid/ 0
165 B 223ms
93ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3009961?imp-id=1&target-ref=www.metrotvnews.com&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 12 Oct 2023 02:00:41 GMT
x-yandex-req-id: 1697076041816479-1484135412751256117500289-production-app-host-sas-pcode-290
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.metrotvnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Thu, 12 Oct 2023 02:00:41 GMT

POST
H2 204 3009961 Show response
bs.yandex.ru/prebid/ 0
354 B 212ms
82ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3009961?imp-id=2&target-ref=www.metrotvnews.com&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 12 Oct 2023 02:00:41 GMT
x-yandex-req-id: 1697076041817748-925619739814961528900190-production-app-host-vla-pcode-465
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.metrotvnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Thu, 12 Oct 2023 02:00:41 GMT

POST
H2 204 3009961 Show response
bs.yandex.ru/prebid/ 0
76 B 228ms
99ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3009961?imp-id=3&target-ref=www.metrotvnews.com&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 12 Oct 2023 02:00:41 GMT
x-yandex-req-id: 1697076041817128-691857302632481431200286-production-app-host-sas-pcode-381
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.metrotvnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Thu, 12 Oct 2023 02:00:41 GMT

POST
H2 204 3009961 Show response
bs.yandex.ru/prebid/ 0
167 B 253ms
124ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3009961?imp-id=4&target-ref=www.metrotvnews.com&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 12 Oct 2023 02:00:41 GMT
x-yandex-req-id: 1697076041860779-469586008032393495700193-production-app-host-vla-pcode-137
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.metrotvnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Thu, 12 Oct 2023 02:00:41 GMT

POST
H2 204 3009961 Show response
bs.yandex.ru/prebid/ 0
167 B 260ms
131ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.yandex.ru/prebid/3009961?imp-id=5&target-ref=www.metrotvnews.com&ssp-id=10500
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
last-modified: Thu, 12 Oct 2023 02:00:41 GMT
x-yandex-req-id: 1697076041863126-1647015923743478692500190-production-app-host-vla-pcode-124
uniformat: true
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://www.metrotvnews.com
content-type: application/json; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
uniformat-product-type: None
expires: Thu, 12 Oct 2023 02:00:41 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
198 B 127ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.4&cb=81298324515&lsavail=0

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.metrotvnews.com
date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 182ms
115ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.metrotvnews.com
date: Thu, 12 Oct 2023 02:00:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DFF0 15 KB
6 KB 63ms
25ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.metrotvnews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 02:00:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 335710
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 db25e772-a50a-4abc-826c-f029cd5364e4 Show response
config.aps.amazon-adsystem.com/configs/ 537 B
812 B 67ms
11ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/db25e772-a50a-4abc-826c-f029cd5364e4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 01:31:13 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1768
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 537
x-amz-cf-id: mWOZ3P-cXQ-Ju-w68lZ40rfIfXr1h1sImiIhNcw6f3ZYWopW-DHTAw==

GET config
c.amazon-adsystem.com/cdn/prod/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 115ms
50ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&pid=9QiIYWkMCKwvT&cb=0&ws=1600x1200&v=23.919.1525&t=2000&slots=%5B%7B%22sd%22%3A%22ats-insert_ads-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_top_320x50%2F%2F320x100%2F%2F970x90%2F%2F728x90%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_mid_300x250%2F%2F336x280%2F%2F728x90%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_below_300x250%2F%2F336x280%2F%2F728x90%22%7D%2C%7B%22sd%22%3A%22ats-overlay_bottom-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_anchor_sticky_320x100%2F%2F320x50%2F%2F728x90%2F%2F970x90%22%7D%2C%7B%22sd%22%3A%22ats-insert_ads-14%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_mid4_300x250%2F%2F336x280%2F%2F728x90%22%7D%5D&schain=1.0%2C1!anymanager.io%2C10267%2C1%2C%2C%2C&pubid=db25e772-a50a-4abc-826c-f029cd5364e4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 0NHP839E0AGF6CJDXH4W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: IXTfTd0emAFp_cW7jyBFZ8PS-nbkiAyqm_NysFfffbNnXZZz-1Jxlw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 48ms
8ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
date: Wed, 11 Oct 2023 02:25:17 GMT
x-amz-cf-pop: FRA56-P6
age: 84925
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: FZBdCimDjHpbLk9Idom90Px4CrCUPIX-YNVNzrYsSfZ3uLeCI6mlng==

GET
H2 200 banner.css
www.metrotvnews.com/asset/css/ 634 B
450 B 219ms
216ms Stylesheet
text/css 103.225.66.90
IDNIC-METROTV-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metrotvnews.com/asset/css/banner.css
Requested by: Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.225.66.90 , Indonesia, ASN45734 (IDNIC-METROTV-AS-ID PT Media Televisi Indonesia, ID),
Reverse DNS: ip66-90.metrotvnews.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fa9b924adf8dc54823c42e8a67ea784bd6cc71a60d407aa6c32c8e41c0b0f06f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
last-modified: Mon, 17 Jul 2023 10:13:03 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "27a-600ac0b48efac-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: ngx-bal
accept-ranges: bytes
content-length: 248

GET
H2

200

sid Show response
mug.criteo.com/ Frame DFF0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=metrotvnews.com&sn=ChromeSyncframe&so=0&topUrl=www.metrotvnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=uJamoXxpNXo2WG9ienIyK2tzQ3d6KzhuU01xaFBGTUVnU0UwRUx1S1ZkRnkzQnFPZXRtWWFtTVBGSWlSVE9BT3QyUkF6c0w0SjU2eG9JY2FkMDRjNU5RY1JLMjZVenEvQzdGejlwSnBUTFdWZnZCQWNLaFVHMUlNajdYdy...

419 B
648 B

95ms
14ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uJamoXxpNXo2WG9ienIyK2tzQ3d6KzhuU01xaFBGTUVnU0UwRUx1S1ZkRnkzQnFPZXRtWWFtTVBGSWlSVE9BT3QyUkF6c0w0SjU2eG9JY2FkMDRjNU5RY1JLMjZVenEvQzdGejlwSnBUTFdWZnZCQWNLaFVHMUlNajdYdyt5dzFxblpGUDZPU1FsK3hhTXhPaEZUalp3LytYUDJOU3RSMUFhNmx6L21ZM3Zub2hwd3pkV1U0d0w2NmJxbHBSTWI0M1RGeU5lUzhuQ0xiTDVvN1RUWm5Nd0RzUTROTXY1V0hRdUl6Sk9WT24zTUxkUk9uUys5L1FBQ2kyUFMzdkMwTXV3V1BKUEVlRGlza0NROGlhcGlVYUZuaFN0Zz09fA&cppv=2

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

30e58272faca8c75baefcd1c00965b233cd22da6ea2c8ce9e1b9f10db9523aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1163788
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=uJamoXxpNXo2WG9ienIyK2tzQ3d6KzhuU01xaFBGTUVnU0UwRUx1S1ZkRnkzQnFPZXRtWWFtTVBGSWlSVE9BT3QyUkF6c0w0SjU2eG9JY2FkMDRjNU5RY1JLMjZVenEvQzdGejlwSnBUTFdWZnZCQWNLaFVHMUlNajdYdyt5dzFxblpGUDZPU1FsK3hhTXhPaEZUalp3LytYUDJOU3RSMUFhNmx6L21ZM3Zub2hwd3pkV1U0d0w2NmJxbHBSTWI0M1RGeU5lUzhuQ0xiTDVvN1RUWm5Nd0RzUTROTXY1V0hRdUl6Sk9WT24zTUxkUk9uUys5L1FBQ2kyUFMzdkMwTXV3V1BKUEVlRGlza0NROGlhcGlVYUZuaFN0Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 234202
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B92A 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAbxZoAmOpU70bFWWpFhfVytcip9TN74MN_VlBT2zpdrhKE-D3Ki4cr_70Cryd3DfhkibAFvq0IkjXNrP93cqrsVUuIeEaUXKt-5Ue_NCbRVD_b3WCSncFRHFvpgjV-ioPcLZ2OWYrkIicFPDWSNJ5fEtriYhal2bzd9phUSPWBf8zMTGeX-WVniReCIBjJ4QgDd_oUphdipGWceld88AOkmr7tgs_eJx6uz-AvtWwjcAH4Ax35mWGOO4leIglFhSx1SpYP4c5ATKzCSBUM_hPhgN0FatgsaFXAVSVDWRW_tzDGzJnULPnCHzW7pBc3qGK1ge4lgBoJBVlPLEcbpIG-dyg&sai=AMfl-YTQ0LZJXybLMryT8U1WjfTDHhNkTtVU6HDsBoXkWo8Ss4iict4NJSJlzUUdtWIglVWQ5Aj10BJmO8mHgVLctNy5QRpcbKq2c1la9cgemWEm_SA6Pfs3L_s37MNgYioLygXINohGeYO1x4PGL582&sig=Cg0ArKJSzOEz_cT0b3Z1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 02:00:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B92A 23 KB
9 KB 59ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B92A 3 KB
1 KB 62ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:21:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B92A 187 KB
59 KB 68ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:41 GMT

GET
H2 200 12609748294944862576
tpc.googlesyndication.com/simgad/ Frame B92A 26 KB
26 KB 57ms
11ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12609748294944862576

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b570c431e129afba8d3eed8a9a0885cdfff5d06815e5742db1c8e813bd32a705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:04:51 GMT
x-content-type-options: nosniff
age: 582950
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26398
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 07:02:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 08:04:51 GMT

GET
DATA 200
OK truncated
/ Frame B92A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a1daa11a24840b012cb2ad180ddc7719b82d30f457056fe8c5d31394b48b93d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6E99 0
176 B 57ms
16ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 12 Oct 2023 02:00:41 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B92A 0
0 63ms
47ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyvAIcNf6zrd2rLGQ_jPd-cgH8o66KcHzZ_vRwpoz-QArszDhdKGnVqUzwgCmk7iVrtXT_bzFxAmT7J833FCX0vvTFUeOgG29KQRRTCrPU-DGOqEjRbsyEIwCjVMQqzVRh7H7giURCiBUG0XkIDfysq07vNR54km_it1XYeUWYaRS-OdeaKKjCoNXBqfMYh_S-TNYCFWXd1zdae9OugZkTxoY5juCBRWxHgLCg06FzVmaN8cOl4MdL2ZnxmuD0H2NFwsmkq-oD2jpU_VAD7-mvmSMO8ux3d-BEIApw7tC5eTqIXk0c_Wni8ueeYXfaljPuLV56eqDTwkKGmyB0dvSlWrATKCs&sai=AMfl-YTg0bTDKkH6Y_0eBeglVoOn4Cow4_pFgMF5kwnbDcCfuEALvSjiBr_amNvMVz8W2WeBPleaZjhJWQPB2UnSpxEMOsuRalyrWnWUyjsiG3gD0QFvyr735YuU0bZKvSFxwTFuyNeaFPT6suIZ2FnC&sig=Cg0ArKJSzMehn2-uF725EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 02:00:42 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
24ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f7b56f604d286cbb407a9485e4683021bc724ac94416cceb16de243517f3231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12141
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 434 B
201 B 1344ms
1343ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_article_top_320x50%2C320x100%2C970x90%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90&ifi=5&didk=2825456943&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076042041&lmt=1697068842&adxs=200&adys=925&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=767x0&msz=728x0&fws=128&ohw=0&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=3770403139&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99d5d46a45268bceb83ad115c3558d8b121b69bb6743612a48db8218c8f4da7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 395ms
391ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_article_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&didk=3347717744&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076042051&lmt=1697068842&adxs=0&adys=25&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=1600x0&msz=300x0&fws=128&ohw=0&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=3492349378&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec92c4b4a377ba285925a4d232c84ac815dd8131af9adec8f7a240179e05b0c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11749
x-xss-protection: 0
google-lineitem-id: 6357062845
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138442362724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
25 KB 1079ms
1076ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_allpage_top2_970x250%2C970x90%2C728x90%2C320x100%2C320x50&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4%2F%2F5&prev_iu_szs=728x90%7C970x250%7C970x90&ifi=7&didk=1599267880&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076042058&lmt=1697068842&adxs=436&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=1600x0&msz=728x0&fws=128&ohw=0&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=2966671429&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3cc61c0f826899b7b1938330ae85ff6d9d951439c2917c7daa0812d83f14643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25341
x-xss-protection: 0
google-lineitem-id: 6376386850
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138445414368
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 429 B
198 B 911ms
909ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_article_mid4_300x250%2C336x280%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=300x250%7C336x280%7C728x90&ifi=8&didk=1599268307&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076042062&lmt=1697068842&adxs=200&adys=1710&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=767x0&msz=300x0&fws=132&ohw=767&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=3726247715&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417de5b6f37317cb6e04bf558a15e3424b6f3b1bb8398bff31cb7fda3541528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 1719ms
1716ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_article_below_300x250%2C336x280%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=300x250%7C336x280%7C728x90&ifi=9&didk=2825456941&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076042066&lmt=1697068842&adxs=200&adys=2885&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=767x0&msz=300x0&fws=128&ohw=0&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=3036798195&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df5fce455898e9f6cd2e4ff4eba8186e3adcd0f62018da02215eb4ce2a4b3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11945
x-xss-protection: 0
google-lineitem-id: 5742073165
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138356347689
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
198 B 552ms
549ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_article_mid_300x250%2C336x280%2C728x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3&prev_iu_szs=300x250%7C336x280%7C728x90&ifi=10&didk=2825456940&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076042069&lmt=1697068842&adxs=200&adys=1390&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=767x0&msz=300x0&fws=132&ohw=767&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=786846286&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b8928c49984e1589a0e7f5c6d280d2cddc87d70326b48f2db05d165ac9eade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 02:00:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10CA 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 17:55:26 GMT
expires: Thu, 10 Oct 2024 17:55:26 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7BF3 829 B
1 KB 48ms
25ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43cca092d6f847f9978e9467fe699df271c8f66116253ddd80654b448b6d1a4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sOpy5hffkEamKbyR-kxbSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sOpy5hffkEamKbyR-kxbSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 02:00:42 GMT
expires: Thu, 12 Oct 2023 02:00:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 10CA 37 KB
14 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 17:50:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 17:50:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7BF3 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310050101&jk=730651078118262&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 10CA 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z6_-mw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CA8 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWEeZHveqk7MHpVeIzGc0Oj4RldxCgZ9rzDJ8LJyHZextXr4Y0l2BDRGnaiiPlFJ9XFCZGmMryVA07UemKu5zbV4Bb4mz4HfsQJH14Gw4pPvS9ntxF-IohLKLVQnZRyVuhWkL1LvHXzgZuKiE7e58WNrvoos2tkS4Qlf6_lr9PZk2NNfPBCyAbiSoZbFckPbLVC5TZ2v7PMTCxLSamBsZ8pJ5PLM7p7rB6sQ5SZdM6hUQM3Hy3aXhCEBMfFz3XWglqcmof_7oBCkdjVSUQPtkgZeUQnyZeO8JWfd32PxAn3Itcd2djwfR80-xHYxbP8vDq5xaOOL-9bHDwI0md0-xUUwL9wEXkknoEpCleCnLBgibNGeY&sai=AMfl-YRz8fjTrNfbUcjVd1gBdrTE3B-Jxl3kbkKSCZlLnOpuLI6s-_h63iuHrzOdyHqqqa3A2lO2Fnt42DlOn66Pm7y9cb2WEMS-sxgivIt_QmHYjhl1FhAa2uKnIw0drL8&sig=Cg0ArKJSzN5bNPXWDnK4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 9410.js Show response
go.trvdp.com/init/ Frame 3CA8 5 KB
2 KB 52ms
8ms Script
application/javascript 143.204.98.64

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/9410.js?pid=6763
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.64 , United States, ASN (),
Reverse DNS: server-143-204-98-64.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e07ece553d71d3a30af119f31f36182c3ed0498355b0cbb66b2a60b8ad7e7f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 06:57:20 GMT
content-encoding: br
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 10:42:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 155003
etag: W/"5753c4d9b6b10638947889df450ef31e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: OP9Yt44_5Flgp401PT3QKyKsOa0z2x8xSRDtKFBCUN0HiRyAMCfewQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CA8 187 KB
59 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:42 GMT

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 716041efdb4414a3094243ecd3725ea02dd514734d7183e1b746c47b50da5005

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 3CA8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee687d9f09bbbe875ce0347545766ec1d1ed390d2b53500935f1b46515a97ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 p.php Show response
stg.truvidplayer.com/ Frame 3CA8 3 KB
2 KB 163ms
106ms XHR
application/json 143.204.215.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1273&wid=9410&cb=3071.4630681053313&pid=6763&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/9410.js?pid=6763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-19.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 2761d0b655a6489799260b3a129325243d45bd2fd0ae694a7d9fe1bb004b959d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
content-encoding: gzip
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.metrotvnews.com
access-control-allow-credentials: true
x-amz-cf-id: 90AB_Ube2OPLK-BlSlno1Jo2Cnh5xOyoDsBpOsr9jJMAZBXPTZS1FA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CA8 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuF9h92oWylDH-oWtJGOCNkfRHM1xkb8Z4pWC3TJl1Qo2b9gX5xZQORoVSMXlIZjtbww5mm09N0gP_fTqJNDdUFBir_RXQWPOPUqVRZ1oTvEBgzAbWPoT7Zabx35KbOmDx7tZX0uPgeUWBUKVGaEKzsZQGJFLGVM1E3W3NYJt62OmxWBmP09G5Q_nV9MwGkyvSLNY7Fkx4VNmSw6Q12ihTsMoklmgJleTMVYrHIRUU5LNIqKQVusRWAhQ03ihgehMrQukKmCsgdOVnn87mkt-2znZJT6QoTTOWsA9qkMDJBD46aME04Xv_dC729blrDEYr87kwJpvha38jI09mE7ec1f_8BhBpSJ8d5PPkVuUG_JJJujjHYwQ&sai=AMfl-YRAloDdvkpARXspWJg2glaahobAWMB9s1THK0BmkmxB8Q5taCtOVl9OETShzCMT2jlqAJZ7wHgXCn_e62kpaNMgtvCLgOxs824q3dJVNpuJd5K1vQ5_6iYdxghV0qk&sig=Cg0ArKJSzDcehQvVD57oEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 02:00:42 GMT

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.827/ 469 KB
129 KB 48ms
13ms Script
application/javascript 13.32.99.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.827/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/9410.js?pid=6763
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-110.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 13:19:40 GMT
content-encoding: br
via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jul 2023 12:00:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2551263
etag: W/"6d4b82c5e77085c209494ce7e5eca2fa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -Tx0YlDktqCMQ78FD7K-Qaz6-mXKiLSQHBpLRjT0JV3lgnzHRqGWiw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310050101&jk=730651078118262&bg=!l5SllNvNAAbjlzx0w5c7ADQBe5WfOJlSLRnUZLgQmM9h9WqpBCntA2H9VN1lpuPosJBunwMNnaLrVXi79cQXDX4AZQoWAgAAAENSAAAACWgBB5kCsAGYZA0VBFJlOVjQnQGRQNn86RqgnkuANkoH9BG4040JQcbT_fS7a6bi4KHZ01o-dZBGlWNqC5G5SLJnx8tIcN5_hfJ_ZDaZOjij_EAFXyeG_gMIu-_qopN7q9ri2p8FORN-RA9UbYoXPYjI-GaIbey9TN9he0BVi1mxsJEN3L6e2Lpzm8ky_nNpTzyaKomgQs_DdnqEVRD0b-jFhEuLvSNHOh0fEvW8D2JzqcsTF3BIlWQJo8Z2hDdH_jKliFMppeojwqf5jnBmkfuMFPmG2FuV-bEVyv2Ecq4pUIdUYYXGR2jTMCNnlyfh_JzZJIw9HcSYUj9w8XxjPM5PXmalxPQxeXdlWsMzPpZesxjO-XGILJOY4MPDKyoJOo2h9fzcYqdZeE7EUj1WvXGYFH9VrXZvTnHcTUxO1bDQPM937RhnH0cS0DAB7DGTm-U4UhlHw4C_Hs1W7BNZkqf7DPa6oQIXArtSCCLMPJHr4Q5AHPm3qzto67BnluzeM_i2qwoo4m-8Ro-HmsDOy4onoec5O3V2C6TCBrwB9LAAyHXHiohagYhMg6vjE4EPC7-h_XkPmbmtgLDxJi_x3qzIelQVWLWqPiiRgey2pLuo1b2DLXiztY_hT-L7RhOgxC8gmUBGiIl7DPIsg-5X6ro1_yQnutWlggn6cB35yx3Ue_0mJPH3LC2cIrYqp9OYdN3Pv8a0lCjl_tCs6wGBxsTUONvGD0pKOItsWcC8v_rI0cjgOYMGbYmoZXzv_vSBsThMgytCDQC3KEFPArdEqC43icxcx062S-IVTMJveorw1RaQxVOpyJtKlFzHpneixxpkloxN0_C-XWePq6eU2-wxA3KaPp8CaYuOaderRJQK6Z9P11xtN951yC5hPyIaUScSfx6fmJI9t6S4Ybc7PPIVq2xpvG4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
606 B 468ms
118ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.metrotvnews.com&l1=9410&l2=metrotvnews.com&l3=DE&l4=desktop&l5=5.827&cb=0.3251196389204203
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.827/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 12 Oct 2023 02:00:43 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.metrotvnews.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B92A 42 B
174 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgjgWzXKShsUp7lASWEGs32qeuCBW91BQDgMRwkd7t3Xge5WbnA5uoFVUhgaumsLLGnz3xGstPDytGNtu8sUu463VFJiuFUeE2wEVc29thr1YeHXpfbSkJQVX2i24o&sig=Cg0ArKJSzJWGgdKa52O2EAE&id=lidar2&mcvt=1000&p=453,1043,703,1343&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1213857913&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697076041828&rpt=136&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 103 KB
31 KB 266ms
265ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=20690672%2CD_Mtvn_Promo%2CMTVN%2CD_Mtvn_Detail_S1%2CD_Mtvn_Detail_S2%2CD_Mtvn_Detail_B1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2F3%2C%2F0%2F2%2F4%2C%2F0%2F2%2F5&prev_iu_szs=1200x75%2C300x250%2C300x600%2C970x90&ifi=11&didk=2126823798~2089400224~953243479~4220506602&sfv=1-0-40&rcs=1%2C1%2C1%2C1&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076043034&lmt=1697068843&adxs=200%2C1044%2C1044%2C-9&adys=177%2C428%2C1371%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C5%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=1560x75%7C300x250%7C300x600%7C0x-1&msz=1200x75%7C300x250%7C300x600%7C0x-1&fws=0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&dlt=1697076038641&idt=2791&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=4222526332%2C1213857913%2C2585133085%2C4176520254&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7cd7f75d3498f25fdf1a35528552f2ee0ef1ba0bc8b933b33c52b1e9ea504d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31868
x-xss-protection: 0
google-lineitem-id: -2,6392941438,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138449117100,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 444 B
206 B 1055ms
1054ms Fetch
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=730651078118262&correlator=1112155835868985&eid=31078704&output=ldjh&gdfp_req=1&vrg=202310050101&ptt=17&impl=fifs&iu_parts=21622890900%3A21764741526%2CID_metrotvnews.com_res_article_anchor_sticky_320x100%2C320x50%2C728x90%2C970x90&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=728x90%7C970x90&ifi=15&didk=590274410&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Ddd816ab5884b4cd2%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_MaW6wfFy81mILYZczCAPS73LUiN1g&gpic=UID%3D00000c96f9cb42e7%3AT%3D1697076041%3ART%3D1697076041%3AS%3DALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA&abxe=1&dt=1697076043038&lmt=1697068843&adxs=0&adys=4&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&vis=1&psz=1600x1&msz=728x0&fws=128&ohw=0&psts=AOrYGskK-JfYkAPNc7ZknoZuHoZ9CCEMWE8IxSPYKCsoiZovF-angyzNtW3B5rQD2XglBVKSPisfWVZn7mvTlwawWA%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=497296648.1697076040&ga_sid=1697076041&ga_hid=2103991623&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY-a31jLIxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj6rfWMsjFIAFICCGQSGQoKcHViY2lkLm9yZxjUrvWMsjFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20Y-q31jLIxSABSAghkEhkKCnVpZGFwaS5jb20Y-q31jLIxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVRITndVV05TYTA5VVN6SjVibFpPWlM5NlRtUkRRVDA5SW4wPRiisfWMsjFIABIbCgxpZDUtc3luYy5jb20Yza_1jLIxSABSAghq&dlt=1697076038641&idt=2791&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=url%3D%252Fread%252Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap%26ref%3Dnull&adks=546321612&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d26a4011788685c877221572628843630489e0502244929a7362ac0cc03712f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 176
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D562 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso_XpNy2TQIfuk4Ikk_fuDeEGWIrM1YG99MabLtzVoWOIY-ldjLSuOwNVPqgrrkrEFTuDFkoqTW8yca0MbBuktMPhYtBEWuPTD_r8uEbf3J3ZjZwZeecKOFNl72xEkvfN0UGyTXAx1bybf4hq7Coccnvm8ZLSwQjKQsvJADP-KJxHhqzt31kFABNf1sBibfExZsRyUkJs5gKdvoOcaz2tylybJgs7peG1uJu4Yy39SFR29bPTt4f1Q_qvVb-dEfwvEiglTwuOYo52G2ZZc7AGI2rVzHzSulYdXCNbs_7UZTIm06KyG8fWWzEdqpCGrA1b4fGwTVu4Avjw5WlqSCDaG-Er71LPhNk5JUnLecvPQ0LprHBFKLlo4AStC3J7g8FgpCbIDGhYNK4-TLKwkDsrc2-RsL3onmiFum30g&sai=AMfl-YR5ZnRQIcrPOcmWA7g9wNCMlOzW4WM_qoMvgZ1_-aR7M2S_I10k33cafj0LgeYoHDTYk4Fvf1nE9HIJVCGHAvvgG5SGCXnM4KWB1jdkm5VXsbZnP55B89iibwOBXiI&sig=Cg0ArKJSzDbhsKYMRqF-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame D562 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:36:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D562 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:21:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D562 187 KB
59 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:43 GMT

GET
H3 200 1419818983016648919
tpc.googlesyndication.com/simgad/ Frame D562 76 KB
76 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1419818983016648919

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff0b9c1b7e11150b2ea533f72f2c8cd8859b68e20871245196c2e288b6f59dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:07:09 GMT
x-content-type-options: nosniff
age: 557614
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77597
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 08:02:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 15:07:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D562 0
0 16ms
15ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRp7hXPiJY9_zy1tGa_AsbLAaqbfCNg8rrS7j8Fz4qmXGH-EnMJXq9QruAWqlhjLgiUsO1DyiZajkRXhDJpILkp_BRLLw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D562 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c1a6ad37b06c5df9b8937f4a7391e566f577640eb955a8b70a659678510811a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D562 0
0 48ms
45ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7o6cHOrGgLHPtOaFzyD7aMndSlwUBRCQzBj2kVFsx-vIQ3XUtYvAsHQHhOgk0goAn5ed2I6jeZZuw43Wp7qkA9jbEgvnloLaIFzX1ogPuWazo-43QFKvhWaFXOYNMGvJR05WxpoNNStYuQgEi6T-BCmPgft4xaU5_mFqYqoErzpX4bLRjzDyT3Ep6nvW_DgQUdy20VgeZOKyIafhLLnQymDjUU92jaKqZOPUN-XckJIBtM0blDagTermsoSxG7HDy2YSmSNpp2ueF5V5cOd11qRt5r1Zu7i3tCGly4jxWzhmmsaOLeLNTC5Ge-Ql6g3gPLrmHeq-BRpFxd3Nl8xRhxUQDUUNkTHykAaEijWFAEjBapnWNRmGnhTVGdTAEabtwhclWoNAoEy0kGicmrFsM0XUs72qC2e1zlKdgK9k&sai=AMfl-YT33cNfRtyfWBY_k9UyVL4EHwSMvJuUQvBQzCKDlYaYsUTZ2TtQLSeB5XKjeOqqBJJsEpPqp4FYwjD4K1eNysAO0OGzQe_v8etRrIjh9HMe7aOhXTl_CuyIAXtH3p4&sig=Cg0ArKJSzFwCzKoAQScJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 02:00:43 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame B92A 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 767F 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8E7X9RnYhKyUw7rPL_WB7-AewHecL6qOooC-966-9U46sMeb7TGvXvysMtQ1FeGUyl1LV04vo3G_immHVMgpY_Z9MmI-K8QFWLDsYhmJ8P3LfzLZmpUUnU2381Ep0lIHyj04SuaNEWkxe7z-wJcW5CGW4lgyKDI8Jubi9cdsdSBaJ-ygFjCJfiMai6WmIhVZqX_qjDMNp2J0Dj_NM-7B9nbZmLmbHTPHvFuAthhBrjhnE1bN1XV-jHLFRN5gOg3pjzCOntbmWJ0Pl5W05cYWzXqFnXz9fxpzmPDIpWJz9PsbO9J-zXMPvbM4Oa_Nz06DfP5epdh7F5g2Ymr3fkJhSEg3F&sai=AMfl-YQCPyyOPgdZQLX0VxFDStdLjA74TRC5KfulKjaFSU_xp4ARHsVszVtFrAOy_6puW2bjmVGEFGR7GU8oFu82RKQfjIgIP6X0zXcQ1PviatL4ngS2sAJGRk900RkjhiM&sig=Cg0ArKJSzIAHQEMdMpCTEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 12609748294944862576
tpc.googlesyndication.com/simgad/ Frame 767F 26 KB
26 KB 11ms
10ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12609748294944862576

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b570c431e129afba8d3eed8a9a0885cdfff5d06815e5742db1c8e813bd32a705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:04:51 GMT
x-content-type-options: nosniff
age: 582952
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26398
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 07:02:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 08:04:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 767F 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44636
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 13:36:47 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 767F 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 17:21:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 767F 187 KB
59 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:43 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 767F 0
0 22ms
21ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRWTf6jO2guJCcHc6VltogaLATpsgL1B57Apu2VostSC8Vky2v0hTRCcEkksoPo2KtZriM93W1G1ktde941VmAD9OMRg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 767F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8231f16c78e8efeee54f23b864a257a78100fb6a2eb2cb21a4c7c5adc492976

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 767F 0
0 53ms
52ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOe4xGGeUDjQNfcJ6RUBh_DdStslAIIJCzqCkKdidnMwv4jVljjF8IYNM9SUQx2ZarWLtgyPw2JoZZTgo-wTiXVfO8cZkhcUNixgAwDN12T0v8y3j7lcv09L0AU2K-wwkwOJqwi3FTcOfN4fJoUgDaBj0GHbykgHrnULAQmcHgEK7gLWC_6w2rcF00goR9930-u0ocGGAMg-nvQRK6C6THEiftyUCurozBmQBkFxhNdkD4Vp-DiVWJfoAO6k541eadphd5-yapEaZLyu8Wtp7JRhE6zPwGI9YG9821p6suKwlavOFG7zLGjd-1IwaJREm_KVMp6HtcG50IWnyRl2khYi_rx1k&sai=AMfl-YSsf4LsEkBIUX1w_WvrxRFBsdZosLFqd_G8wyGU2a37PNrBQsyo2yBuQi_SHPzkLqAjGk3kE7zZ0R03hHaJXIxX9qvqYpCmhMxOgJgqeyBMlD4NMWp7M9op6wgijfE&sig=Cg0ArKJSzJYiAKAb8zXiEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 02:00:43 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 29ms
29ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a530fb35e4a9b32234ebde9b11bf6769fe07852f8c3c60cc37c75a8b2334ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-17d2e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Oct 2023 02:00:43 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3132 15 KB
6 KB 15ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.metrotvnews.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 02:00:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 698277
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.142.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 82ms
41ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.142.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a530fb35e4a9b32234ebde9b11bf6769fe07852f8c3c60cc37c75a8b2334ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-17d2e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 13 Oct 2023 02:00:43 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3132
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=metrotvnews.com&sn=ChromeSyncframe&so=3&topUrl=www.metrotvnews.com&bundle=QVkLhV9jdWJjNnI1T2hoYXRqalBBc0tkdkNJUFBIa21pRHYwak4lMkJxeEFWc3l1...
https://mug.criteo.com/sid?cpp=pP1Go3xCd1hxbzROZFpLUWNHb1VsaUtzSkRHbHZ2bUNHTHdLaGw0OWNjbG8rdFM3NWd3Sm9Xc2JzKy9KcWZmNEVvRS9INUk3Mk9VSjM2MHZlTmVCcEJWVi84NlMrN09DdTNVengxbk0wQWVlNTJ2aHlqcml6cjNiTUNjS2...

427 B
651 B

29ms
29ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pP1Go3xCd1hxbzROZFpLUWNHb1VsaUtzSkRHbHZ2bUNHTHdLaGw0OWNjbG8rdFM3NWd3Sm9Xc2JzKy9KcWZmNEVvRS9INUk3Mk9VSjM2MHZlTmVCcEJWVi84NlMrN09DdTNVengxbk0wQWVlNTJ2aHlqcml6cjNiTUNjS2FJWm1CaWxUYlVwZkRuZWluTzBydzBYRXRKempmQmJCUVVNbmhwQTNGTG5kUEoxM1owK05SWFVsTGU3ekFUWVpSVXlORmx2ZVkrbys4cnlKM2J1K1B0T2pUR2Frdm0rd0hqajJTeG9XQnAxN2JUcm1BbXhSUjNUYS96SHYrN1cwUmF3ZGluQkFNdXg2VDhHWGpGZk9oRTN1b3drY0hyVjg1VHh4MldOYkt5VWthUDRTNm0wST18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0ee38ae0be22b3080a994a32c231a0d65551413f6fe524e8db375d9e2c28488d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:43 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7401937
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:43 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pP1Go3xCd1hxbzROZFpLUWNHb1VsaUtzSkRHbHZ2bUNHTHdLaGw0OWNjbG8rdFM3NWd3Sm9Xc2JzKy9KcWZmNEVvRS9INUk3Mk9VSjM2MHZlTmVCcEJWVi84NlMrN09DdTNVengxbk0wQWVlNTJ2aHlqcml6cjNiTUNjS2FJWm1CaWxUYlVwZkRuZWluTzBydzBYRXRKempmQmJCUVVNbmhwQTNGTG5kUEoxM1owK05SWFVsTGU3ekFUWVpSVXlORmx2ZVkrbys4cnlKM2J1K1B0T2pUR2Frdm0rd0hqajJTeG9XQnAxN2JUcm1BbXhSUjNUYS96SHYrN1cwUmF3ZGluQkFNdXg2VDhHWGpGZk9oRTN1b3drY0hyVjg1VHh4MldOYkt5VWthUDRTNm0wST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 254496
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DC2 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXwFa-D2a22hZK_ADnBK-CmDI2Qt19Kzj9gH6-zOp6DOpJffftPZN8p15P53UM28N2FVy85lDMUjd9Uo8oDp5PsrrFonEOvP8QkXcj8Laiqy2wwV9wHH1yTzHl9F2Kqs836796vStDQDpHJrXV41IYzzOx8SCR_oh22FURmM_J8dHFuS2t-K7QgV9vtyNZ7zTz1Q0H0pdib_XpniDWUxKbb2Djf4faiXYADxOfbNBem60J-8Kf_J2safJfCQhzNstxXin0RCYE8Ptx4qlEYlG6UViRZROYrc0yyeJB6In_DuqmjnT3KQLEWMNuLmE_lpDlryA2wueCqvPCUrBW9-aK6tTI2THSvH-palKZ0iDUfVdcb2Dk78ehxOaa4eQgUjM6tCLgkNJral1WmCeE&sai=AMfl-YRDyHtr3y5TmUbqBf5zNTG0VGgkle1pX83u4jgdHsVTn9p7wLaKdWh0PK1EeomVnUskv8N2B2QjaDy5IJyIrBTesO3rSXfevyivKJGuOgwpBaqd1Ozg8cns4IT6YWs&sig=Cg0ArKJSzFW8mjPFBwSgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.metrotvnews.com
URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tfav_adl_152.js Show response
as.adlooxtracking.com/ads/js/ Frame 2DC2 75 KB
26 KB 60ms
19ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 802e3b837735808bb88c3e02f57828bf2d7905abbacca54a8e6b3caf6c7a96e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:43 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 494
x-guploader-uploadid: ADPycdsnbxmHbcG1EH1AY7NOWyDY61z_iylyLZWfvIVVfk4jk07UBcNKAQ2rvaIe0hDiP12A2b7gG10IELkaNzZPbgnUOVCNBzGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 11 Oct 2023 08:13:07 GMT
server: cloudflare
etag: W/"cf9f3a2750b5422f95511c6234ca9cfe"
vary: Accept-Encoding
x-goog-generation: 1697011987714353
content-type: application/javascript
x-goog-hash: crc32c=pg9O6g==, md5=z586J1C1Qi+VURxiNMqc/g==
cache-control: public, max-age=14400
x-goog-stored-content-length: 76561
cf-ray: 814bc03a1f67bba4-FRA
expires: Thu, 12 Oct 2023 02:52:29 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DC2 187 KB
59 KB 217ms
216ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310050101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 02:00:44 GMT

GET
DATA 200
OK truncated
/ Frame 2DC2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 090b6eb466367e2a07391dcab5bf020086109b499a91c253b2f275098f3895aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2DC2 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKhvAzEtK3XUNziUODEDXpIZn073e8Oz9O6-eFGDuXQbis_-3b12yKWp76HjWWpmNPQfYo-G_OQcExCBjN3SZWhyKOpCvb8Tl4xJdxqDC5NaQIMZVtpfhJPOhBKs3gJuSRjvwwX3fWoxCgsr0v5nNbEVI2-MLvL80d4ahUpt5RHRcNGqWPhsC_DgNHDhh4SKtJ-R2GB-u_SFHPvsv1qbh9e2PoZEbchGqiZ-P0bmJ8nMbCS4Sd6cgZMFFbzYMGd1rggk0jMHRBVbwQxwfVtWbTNub7T9UevD9_p8iPL9ZQdAQ44bZh5EEQrLv-bOTfHrElzUOFFDQWSKgvRZsrH2hVmkpt4vOZkrewt1J56LqB9nGRnNvQ__TQLDvKvQO0yZKTfCd2schf3eWSSinMxf8&sai=AMfl-YSrfWLEzs_gCaaXOqz6YahxVc43-2bR5dGGL_5Dpw-zacNH_FJSxYquHNJDzwIucjNa-UXh80kIjhqBQ8jHNwY3frIAgGWmdVPw2Two4jWy1ciQzWF0WavVb876sIs&sig=Cg0ArKJSzG9JgVcs05QwEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 12 Oct 2023 02:00:44 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 2DC2 88 B
573 B 57ms
24ms XHR
application/json 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=95&client=adasia&d1=pg-384~1_fo-384~1_vpw-384~1600_vph-384~1200_scw-384~1600_sch-384~1200_sco-384~1_sca-384~0_srx-384~0_sry-384~0_ev-72~sb.384~rp.384~rvp.384~rap.395~ss&att=0.0.1600~1200&visite_id=6427392539&seq=0&timezone=-120&js=tfav_adl_152.js&date_regen=8015798&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=4423307908&id2=2881633869&id3=22927563359&id4=21621840631&id5=138356347689&id12=%24ADLOOX_WEBSITE&p_d=0.325&fai=google_ads_iframe_%2F21622890900%2C21764741526%2FID_metrotvnews.com_res_article_below_300x250%2F%2F336x280%2F%2F728x90_0%40https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&iframe=3&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&ao=https%3A%2F%2Fwww.metrotvnews.com&activetab=1&cf=1
Requested by: Host: as.adlooxtracking.com
URL: https://as.adlooxtracking.com/ads/js/tfav_adl_152.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: 12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:44 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-75d5674dd6-dznlq
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://www.metrotvnews.com
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D562 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth329hchKK4eyEema2H2t9AwaVd0G1GIIjHlOC-W0sYKnQ9Hi577cEWX4oAuog293Ak3HCJuE_Z3rvuHdYM131rC76VlCbS4ZSoSYy55xYV3WxNjJX6QRfkMtD2rD4&sig=Cg0ArKJSzCSe6c5l5AsaEAE&id=lidar2&mcvt=1000&p=209,315,299,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2966671429&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697076043162&rpt=53&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 767F 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDdAaLY2LG8iSa7UPSrRMshJMVRy2lUaRVCPEzpjftqmYt5PQ6t1AlZbVOIC-rNBEfLwM99qC5sjEwzi9x40xj7atbbqRMf5NKzwKP6MFAVlKDHNOn4qheehR056RV&sig=Cg0ArKJSzBMOKyS6cSqoEAE&id=lidar2&mcvt=1000&p=496,1043,746,1343&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1213857913&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697076043320&rpt=63&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-MPP2ZX5HJN&gtm=45je3ab0&_p=2103991623&cid=497296648.1697076040&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1697076040&sct=1&seg=1&dl=https%3A%2F%2Fwww.metrotvnews.com%2Fread%2Fb1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap&dt=Buat%20Situs%20Bank%20BNI%20Palsu%20untuk%20Ambil%20Data%20Nasabah%2C%20Pria%20di%20Kalbar%20Ditangkap&en=page_view&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-MPP2ZX5HJN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metrotvnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 38ms
13ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.metrotvnews.com%2F&domain=www.metrotvnews.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.metrotvnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 234729
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
392 B 13ms
13ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.metrotvnews.com%2F&domain=www.metrotvnews.com&cw=1&pbt=1&lsw=1

Requested by

Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.metrotvnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.metrotvnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 191190
expires: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 220E 52 KB
17 KB 41ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 57912
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 12 Oct 2023 02:00:48 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 01 Oct 2023 09:55:16 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1458, 331611
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230026-FRA
X-Timer: S1697076048.055250,VS0,VE0

GET
H2 200 pd Show response
adasia-d.openx.net/w/1.0/ Frame 3DF3 0
80 B 36ms
16ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://adasia-d.openx.net/w/1.0/pd
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 12 Oct 2023 02:00:48 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DFE0 15 KB
6 KB 64ms
11ms Document
text/html 2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=28513
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 12 Oct 2023 02:00:48 GMT
expires: Thu, 12 Oct 2023 09:56:01 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E6E9 281 B
554 B 39ms
14ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: anymind360.com
URL: https://anymind360.com/js/10267/prebid_2023_10_10_7_51_37.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.metrotvnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 12 Oct 2023 02:00:48 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E6E9 38 KB
11 KB 8ms
8ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 803a4612c43268594cc913e0a6259b0642284d51d391ed43c883c49ed45b6120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 02:00:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Oct 2023 08:07:05 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21896
Connection: keep-alive
Content-Length: 10837
Expires: Thu, 12 Oct 2023 08:05:44 GMT

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 220E
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
646 B

18ms
18ms

Script
text/html

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
an-x-request-uuid: fe63cd41-1600-4024-a067-9c4d8c5ae657
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.197; 80.255.10.197; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
an-x-request-uuid: 8f660452-21fc-444a-ae6b-881b1df42899
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.197; 80.255.10.197; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame E6E9 7 B
380 B 195ms
8ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DFE0 3 KB
3 KB 199ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79883250&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: c12e4956bde7c6508d0a31d9d196e8d070f878e2ae5d5ecd57a16ef87017061f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 02:00:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 2DAE
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

49ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 12 Oct 2023 02:00:48 GMT
expires: Thu, 12 Oct 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 818049
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame E0E7
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

190ms
189ms

Document
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 12 Oct 2023 02:00:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 81HSG314H66QMTBJDM27

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 12 Oct 2023 02:00:48 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 28JE0N9MVGGPQE0BCXRB

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 91DA
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb

42 B
566 B

62ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Thu, 12 Oct 2023 02:00:48 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D602
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7160140692651466434&gdpr=0&gdpr_consent=

42 B
447 B

72ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7160140692651466434&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 907491a4-618d-49a7-8ea0-8063daee8f6b
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7160140692651466434&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 80.255.10.197; 80.255.10.197; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3F69
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288886124990363787&gdpr=0&gdpr_consent=

42 B
298 B

61ms
19ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288886124990363787&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Thu, 12 Oct 2023 02:00:48 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7288886124990363787&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

sync Show response
x.bidswitch.net/ Frame 9849
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=ff7ff8a5-c517-4877-9a34-47e436d54898&ssp=pubmatic

43 B
145 B

8ms
8ms

Document
image/gif

18.193.237.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/sync?dsp_id=59&user_id=ff7ff8a5-c517-4877-9a34-47e436d54898&ssp=pubmatic
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.237.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-237-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 12 Oct 2023 02:00:48 GMT

Redirect headers

Connection: keep-alive
Content-Length: 121
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Oct 2023 02:00:48 GMT
Location: //x.bidswitch.net/sync?dsp_id=59&user_id=ff7ff8a5-c517-4877-9a34-47e436d54898&ssp=pubmatic
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EA84
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cd194Yb8UC5yPwc1B-PkEVD_CsU&gdpr=0&gdpr_consent=

42 B
298 B

18ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cd194Yb8UC5yPwc1B-PkEVD_CsU&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Oct 2023 02:00:48 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=cd194Yb8UC5yPwc1B-PkEVD_CsU&gdpr=0&gdpr_consent=

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=WjSQ3kstReuIWj1tLsU0WA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

12ms
12ms

Image
text/html

2.19.105.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 2.19.105.180 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-105-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:48 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=28513
accept-ranges: bytes
content-length: 5606
expires: Thu, 12 Oct 2023 09:56:01 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame DFE0 49 B
265 B 40ms
30ms Image
image/gif 63.33.97.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.97.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-97-132.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.10.250
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame DFE0
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2610272151
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5A3490DE-4B2D-45EB-885A-3D6D2EC53458

0
284 B

58ms
23ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5A3490DE-4B2D-45EB-885A-3D6D2EC53458
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:47 GMT
via: 1.1 google
last-modified: Thu, 12 Oct 2023 02:00:48 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=5A3490DE-4B2D-45EB-885A-3D6D2EC53458
date: Thu, 12 Oct 2023 02:00:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame DFE0
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWRhb1NUZUYzekZSQXVPeDE3enN5bDRIUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=1568788287180738237&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

92ms
91ms

Image
image/png

54.197.99.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Server: 54.197.99.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-99-246.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 12 Oct 2023 02:00:48 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Thu, 12 Oct 2023 02:00:48 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DFE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUEzNDkwREUtNEIyRC00NUVCLTg4NUEtM0Q2RDJFQzUzNDU4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

44ms
18ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DFE0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPinn8RVcVzTesy0FdVpC1Y&google_cver=1

42 B
344 B

44ms
19ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPinn8RVcVzTesy0FdVpC1Y&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPinn8RVcVzTesy0FdVpC1Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame DFE0 43 B
611 B 57ms
14ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 11 Oct 2023 02:00:48 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DFE0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1568788287180738237

42 B
244 B

19ms
18ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1568788287180738237
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1568788287180738237
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame DFE0 70 B
149 B 113ms
35ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:48 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 5A3490DE-4B2D-45EB-885A-3D6D2EC53458
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DFE0 43 B
426 B 103ms
32ms Image
image/gif 2a05:d018:d29:3601:970f:dde0:5c57:1e8b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/5A3490DE-4B2D-45EB-885A-3D6D2EC53458?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:970f:dde0:5c57:1e8b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame DFE0 0
125 B 40ms
9ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DFE0 0
187 B 82ms
19ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 12 Oct 2023 02:00:47 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 220E 0
595 B 19ms
18ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:49 GMT
an-x-request-uuid: e60ab60a-9954-4858-aee6-cc4e3c6d9697
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.197; 80.255.10.197; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame DFE0 0
260 B 88ms
21ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DFE0 3 KB
3 KB 18ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70797732&p=158497&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 84fb54cb14dd5babdf4bf50c9a3ccc39b0d30d2899e6443cc7d5288b53f71c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame AD72 35 B
590 B 23ms
22ms Document
image/gif 37.157.6.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Thu, 12 Oct 2023 02:00:51 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 3EAD
Redirect Chain

https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0

42 B
185 B

18ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:50 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 176
Content-Type: text/html; charset=utf-8
Date: Thu, 12 Oct 2023 02:00:51 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
Pragma: no-cache

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame AD0C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

105ms
105ms

Document
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSdTUwAT_UMHIgA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230047-FRA
x-timer: S1697076051.357241,VS0,VE99

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Thu, 12 Oct 2023 02:00:51 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZSdTUwAT_UMHIgA4
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230047-FRA
x-timer: S1697076051.260032,VS0,VE89

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 0B3B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVDMwN0tUcWNBQUJqaGRzbVhvQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?ev=AABT307KTqcAABjhdsmXoA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABT307KTqcAABjhdsmXoA&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partneruserid=AABT307KTqcAABjhdsmXoA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8025994451557218396&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABT307KTqcAABjhdsmXoA&gdpr=0&gdpr_consent=

42 B
199 B

18ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABT307KTqcAABjhdsmXoA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 12 Oct 2023 02:00:51 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABT307KTqcAABjhdsmXoA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1A14
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

19ms
18ms

Document
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 12 Oct 2023 02:00:51 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame DE65
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1106d16dc43544dc8f18e9892ba8ba84

42 B
278 B

18ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1106d16dc43544dc8f18e9892ba8ba84
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU1106d16dc43544dc8f18e9892ba8ba84
pragma: no-cache
server: nginx

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 494B 43 B
283 B 94ms
14ms Document
image/gif 72.251.241.196
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Thu, 12 Oct 2023 02:00:51 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-5

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 7993
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6883960685232961764

42 B
195 B

18ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6883960685232961764
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6883960685232961764
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 9D12
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630125041201

42 B
273 B

18ms
18ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630125041201
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Thu, 12 Oct 2023 02:00:51 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685630125041201
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 3AF9 43 B
368 B 42ms
15ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 12 Oct 2023 02:00:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET pubmatic
ad.mrtnsvr.com/sync/ Frame 310A 0
0

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 624F 43 B
276 B 95ms
26ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158497
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Thu, 12 Oct 2023 02:00:51 GMT
Vary: Accept-Encoding
X-adserver-worker: molok-68885c11af71@version_1.573
X-core-time: 1ms
X-server-arch: v2

GET usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 1732 0
0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame DFE0 95 B
438 B 50ms
22ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:51 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 814bc0685d512c52-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame DFE0
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

32ms
31ms

Image
image/gif

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:59 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:59 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame DFE0
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=e36ca90fd8c87aab/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=047cbfdd10bcbecc6a2dd01748cfb9a6&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
148 B

35ms
34ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 02:00:51 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DFE0
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3440014400086778441&gdpr=0&gdpr_consent=&us_privacy=

1 B
278 B

18ms
18ms

Image
text/html

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3440014400086778441&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 12 Oct 2023 02:00:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3440014400086778441&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Thu, 12 Oct 2023 02:00:51 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame DFE0 0
104 B 101ms
26ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 12 Oct 2023 02:00:51 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DFE0
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:73ece5f6-156a-4eff-a470-2efec3165a75&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

20ms
20ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:73ece5f6-156a-4eff-a470-2efec3165a75&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 12 Oct 2023 02:00:51 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:73ece5f6-156a-4eff-a470-2efec3165a75&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Thu, 12 Oct 2023 02:00:51 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET SPug
simage4.pubmatic.com/AdServer/ Frame DFE0 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn01.metrotvnews.com
URL: https://cdn01.metrotvnews.com/dynamic/content/2023/10/04/kM6CaLOY/t_651d24d0e301f.jpg?w=300

Domain: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.metrotvnews.com&pubid=db25e772-a50a-4abc-826c-f029cd5364e4

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstgjgWzXKShsUp7lASWEGs32qeuCBW91BQDgMRwkd7t3Xge5WbnA5uoFVUhgaumsLLGnz3xGstPDytGNtu8sUu463VFJiuFUeE2wEVc29thr1YeHXpfbSkJQVX2i24o&sig=Cg0ArKJSzJWGgdKa52O2EAE&id=lidartos&mcvt=1336&p=453,1043,703,1343&mtos=1336,1336,1336,1336,1336&tos=1336,0,0,0,0&v=20231011&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1213857913&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1697076041828&rpt=136&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: ad.mrtnsvr.com
URL: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Domain: cm-supply-web.gammaplatform.com
URL: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel

Domain: simage4.pubmatic.com
URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158497&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.metrotvnews.com/	1970-01-21 01:00:36	Name: _ga Value: GA1.1.497296648.1697076040
.metrotvnews.com/	1970-01-21 01:00:36	Name: _ga_MPP2ZX5HJN Value: GS1.1.1697076040.1.1.1697076040.60.0.0
.izooto.com/	1970-01-21 01:00:36	Name: IZCID Value: 6058130e-e333-41f1-9655-7626a0b29309
www.metrotvnews.com/	1970-01-20 16:07:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
.openx.net/	1970-01-21 00:10:12	Name: i Value: 2eca5071-190e-4cad-b29d-535eff335d08\|1697076041
.criteo.com/	1970-01-21 00:46:12	Name: uid Value: 74e0486d-feea-4c76-a7a3-23778b9e39c5
.metrotvnews.com/	1970-01-21 00:46:12	Name: __gads Value: ID=dd816ab5884b4cd2:T=1697076041:RT=1697076041:S=ALNI_MaW6wfFy81mILYZczCAPS73LUiN1g
.metrotvnews.com/	1970-01-21 00:46:12	Name: __gpi Value: UID=00000c96f9cb42e7:T=1697076041:RT=1697076041:S=ALNI_Ma52yEmquL8ABgA3KHqblLuFQ1XoA
.doubleclick.net/	1970-01-21 00:46:12	Name: IDE Value: AHWqTUllWZW8u9FnytaOxxjOsDIcfTDtc3em4FXIQTR88h1s09KudaIhk2pLd2BOXho
.yandex.ru/	1970-01-21 01:00:36	Name: yandexuid Value: 4700864621697076041
.rubiconproject.com/	1970-01-21 00:10:12	Name: khaos Value: LNMJ9AHH-5-HVO7
.rubiconproject.com/	1970-01-21 00:10:12	Name: audit Value: 1\|naVuGyos1qqYBulhYg7aE+QFbWGgM44fR/rFJVNr6iIKdoywSGEkcNEEnxW3fqvI+H1Fr3TEOzYoGD3h8wFVRfPzJ6cr+j5/TzSTIm4UlLLEyVNLdBbxACKPLRELhl3x0A+VO7RH1E0=
.metrotvnews.com/	1970-01-21 00:46:12	Name: cto_bundle Value: 1SSPJF9jdWJjNnI1T2hoYXRqalBBc0tkdkNLdTZYZkdIM0RyeGNWMGM1eFRURmFFOCUyRkM5b3g1SzJqN3lrWkYxbDZhTzNYdlhsWHdxUTl5dlN4Zm1lSVQlMkZJYjVaM241SVpTdUdwcmQ3ZmpmckhHOTJobHY2SXclMkJiaUxrMHFJS2dHREc0MlJ2Qmp2b2czVSUyRnd5ayUyQlMyZUlEc3dBJTNEJTNE
.adnxs.com/	1970-01-20 17:34:12	Name: uuid2 Value: 7160140692651466434
.pubmatic.com/	1970-01-21 00:10:12	Name: KADUSERCOOKIE Value: 5A3490DE-4B2D-45EB-885A-3D6D2EC53458
.bidswitch.net/	1970-01-21 00:10:12	Name: tuuid Value: e1434249-f290-4ca0-bdea-ffb1877a52b6
.bidswitch.net/	1970-01-21 00:10:12	Name: c Value: 1697076048
.bidswitch.net/	1970-01-21 00:10:12	Name: tuuid_lu Value: 1697076048
.quantserve.com/	1970-01-20 17:34:12	Name: d Value: EP8BCwGVKvijAA
.quantserve.com/	1970-01-21 00:54:50	Name: mc Value: 65275350-52128-4dfe8-eca68
.weborama.fr/	1970-01-21 00:50:31	Name: AFFICHE_W Value: 7nXxXwSQTjju81
.adfarm1.adition.com/	1970-01-20 17:34:12	Name: UserID1 Value: 7288886124990363787
.simpli.fi/	1970-01-21 00:11:38	Name: suid Value: 5A61A0BD6CFE44D88CC7FC221465D6DE
.adform.net/	1970-01-20 16:09:14	Name: C Value: 1
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_153 Value: 1923-3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb&KRTB&19420-3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb&KRTB&22979-3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb&KRTB&23403-3o4MMd2ICzbFjgw32oMTMozdWz7F3l1n3oPOqXAb
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_80 Value: 22987-CAESEPinn8RVcVzTesy0FdVpC1Y&KRTB&23025-CAESEPinn8RVcVzTesy0FdVpC1Y&KRTB&23386-CAESEPinn8RVcVzTesy0FdVpC1Y
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_57 Value: 22776-7160140692651466434&KRTB&23339-7160140692651466434
.pubmatic.com/	1970-01-20 16:07:48	Name: KRTBCOOKIE_1101 Value: 23040-7288886124990363787&KRTB&23369-7288886124990363787
.adform.net/	1970-01-20 16:51:00	Name: uid Value: 1568788287180738237
.pubmatic.com/	1970-01-20 16:07:48	Name: KRTBCOOKIE_391 Value: 22924-1568788287180738237&KRTB&23263-1568788287180738237&KRTB&23481-1568788287180738237
ads.avct.cloud/	1970-01-21 00:10:12	Name: uuid Value: ff7ff8a5-c517-4877-9a34-47e436d54898
.amazon-adsystem.com/	1970-01-20 21:43:19	Name: ad-id Value: A3FonoG_lUWCh0wNUvmzX64
.amazon-adsystem.com/	1970-01-21 01:00:36	Name: ad-privacy Value: 0
sync.srv.stackadapt.com/	1970-01-21 00:10:12	Name: sa-user-id Value: s%3A0-71dd7de1-86fc-502e-723f-073507e3e411.gJ3Q7T8dihVV4kY%2Fs92iJd5EElxltBKT0Di%2FDkySJ%2Bs
.srv.stackadapt.com/	1970-01-21 00:10:12	Name: sa-user-id Value: s%3A0-71dd7de1-86fc-502e-723f-073507e3e411.gJ3Q7T8dihVV4kY%2Fs92iJd5EElxltBKT0Di%2FDkySJ%2Bs
sync.srv.stackadapt.com/	1970-01-21 00:10:12	Name: sa-user-id-v2 Value: s%3Acd194Yb8UC5yPwc1B-PkEVD_CsU.TnpfKlYmtCKzss31Mqis7zNjvmp3LFVkOPfpIZt1wpM
.srv.stackadapt.com/	1970-01-21 00:10:12	Name: sa-user-id-v2 Value: s%3Acd194Yb8UC5yPwc1B-PkEVD_CsU.TnpfKlYmtCKzss31Mqis7zNjvmp3LFVkOPfpIZt1wpM
sync.srv.stackadapt.com/	1970-01-21 00:10:12	Name: sa-user-id-v3 Value: s%3AAQAKIJjH3KynR_K20At5lKA5NE8yTuaVi2Vcc7nsxYOXgyoZEHwYBCDQpp2pBjABOgSAjA8ZQgSlPdL-.%2FHKKPn8DFIBz0zzrpHZw6m4VEh1qA5JAL86H70ZFMuA
.srv.stackadapt.com/	1970-01-21 00:10:12	Name: sa-user-id-v3 Value: s%3AAQAKIJjH3KynR_K20At5lKA5NE8yTuaVi2Vcc7nsxYOXgyoZEHwYBCDQpp2pBjABOgSAjA8ZQgSlPdL-.%2FHKKPn8DFIBz0zzrpHZw6m4VEh1qA5JAL86H70ZFMuA
.audrte.com/	1970-01-20 15:46:12	Name: arcki2 Value: 1daoSTeF3zFRAuOx17zsyl4HQ!20220908!1697076048638!ip#80.255.10.197
.audrte.com/	1970-01-20 15:46:12	Name: arcki2_pubmatic Value: 5A3490DE-4B2D-45EB-885A-3D6D2EC53458!20220908!1697076048641
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_860 Value: 16335-cd194Yb8UC5yPwc1B-PkEVD_CsU&KRTB&23334-cd194Yb8UC5yPwc1B-PkEVD_CsU&KRTB&23417-cd194Yb8UC5yPwc1B-PkEVD_CsU&KRTB&23426-cd194Yb8UC5yPwc1B-PkEVD_CsU
.audrte.com/	1970-01-20 15:46:12	Name: arcki2_ddp2 Value: 1daoSTeF3zFRAuOx17zsyl4HQ!20220908!1697076048763
.audrte.com/	1970-01-20 15:46:12	Name: arcki2_adform Value: 1568788287180738237!20220908!1697076048881
.pubmatic.com/	1970-01-20 16:07:48	Name: SPugT Value: 1697076050
.pubmatic.com/	1970-01-20 17:34:12	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 15:26:02	Name: pi Value: 158497:4
.pubmatic.com/	1970-01-20 17:34:12	Name: DPSync3 Value: 1698278400%3A219_197_235_201_245_241_227_226
.pubmatic.com/	1970-01-20 17:34:12	Name: SyncRTB3 Value: 1698278400%3A196_22_13_54_220_166_234_165_254_71_249_81_238_21_3_56_233_264_46_251_161_8_55_214%7C1698364800%3A35%7C1697932800%3A63%7C1697673600%3A15_223_2%7C1699660800%3A203
.ctnsnet.com/	1970-01-21 00:10:12	Name: cid_883b54cd48c342f5a038e9186b1031a0 Value: 1
.zeotap.com/	1970-01-21 00:10:12	Name: zc Value: 450efe1a-19d1-4494-5041-ac2249211229
.csync.loopme.me/	1970-01-20 17:37:04	Name: viewer_token Value: 8ed434a2-0307-4315-9868-ca6c5ece86f9
.onaudience.com/	1970-01-21 00:10:12	Name: cookie Value: e36ca90fd8c87aab
.onaudience.com/	1970-01-20 15:26:02	Name: done_redirects104 Value: 1
.adsby.bidtheatre.com/	1970-01-20 15:34:40	Name: __kuid Value: 73ece5f6-156a-4eff-a470-2efec3165a75.466290051
.rfihub.com/	1970-01-21 00:46:12	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmluYG5mYGpobGACAMoadacQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjA0MjUwMTQyMBTiM9TNTE92Cq00jAoLNQgDAC4M85klAAAA
.rfihub.com/	1970-01-21 00:46:12	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzNjA0MjUwMTQyMBTiM9TNTE92Cq00jAoLNQgDAC4M85klAAAA
.de17a.com/	1970-01-21 00:03:00	Name: guid Value: 1.6883960685232961764
.semasio.net/	1970-01-21 00:10:12	Name: SEUNCY Value: D3B642D23AF6C857
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_18 Value: 22947-5109685630125041201
.onaudience.com/	1970-01-20 15:26:02	Name: done_redirects161 Value: 1
.everesttech.net/	1970-01-21 00:10:12	Name: everest_g_v2 Value: g_surferid~ZSdTUwAT_UMHIgA4
.pubmatic.com/	1970-01-20 16:07:48	Name: KRTBCOOKIE_336 Value: 5844-6883960685232961764
.bidr.io/	1970-01-21 00:53:09	Name: bito Value: AABT307KTqcAABjhdsmXoA
.bidr.io/	1970-01-21 00:53:09	Name: bitoIsSecure Value: ok
.adx.opera.com/	1970-01-21 00:10:12	Name: UID Value: OPU1106d16dc43544dc8f18e9892ba8ba84
.pubmatic.com/	1970-01-20 16:07:48	Name: KRTBCOOKIE_1323 Value: 23480-OPU1106d16dc43544dc8f18e9892ba8ba84&KRTB&23485-OPU1106d16dc43544dc8f18e9892ba8ba84&KRTB&23524-OPU1106d16dc43544dc8f18e9892ba8ba84
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 5791a7dbf3d14bc5
.onaudience.com/	1970-01-20 15:26:02	Name: done_redirects147 Value: 1
.turn.com/	1970-01-20 19:43:48	Name: uid Value: 3440014400086778441
.smartadserver.com/	1970-01-21 00:56:16	Name: pid Value: 8025994451557218396
.smartadserver.com/	1970-01-21 00:56:16	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 00:11:38	Name: csync Value: 127:AABT307KTqcAABjhdsmXoA
.pubmatic.com/	1970-01-20 16:07:48	Name: KRTBCOOKIE_22 Value: 14911-3440014400086778441&KRTB&23150-3440014400086778441&KRTB&23527-3440014400086778441
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_699 Value: 22727-AABT307KTqcAABjhdsmXoA
.pubmatic.com/	1970-01-20 17:34:12	Name: KRTBCOOKIE_945 Value: 19558-uid:
.pubmatic.com/	1970-01-20 16:07:48	Name: PugT Value: 1697076050

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.metrotvnews.com/read/b1oC8y08-buat-situs-bank-bni-palsu-untuk-ambil-data-nasabah-pria-di-kalbar-ditangkap Message: Access to XMLHttpRequest at 'https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.metrotvnews.com&pubid=db25e772-a50a-4abc-826c-f029cd5364e4' from origin 'https://www.metrotvnews.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.metrotvnews.com&pubid=db25e772-a50a-4abc-826c-f029cd5364e4 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=5A3490DE-4B2D-45EB-885A-3D6D2EC53458&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
adasia-d.openx.net
ads.avct.cloud
ads.pubmatic.com
anymind360.com
as.adlooxtracking.com
b1975374b50e085527bf1d77f07140ba.safeframe.googlesyndication.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn01.metrotvnews.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d5p.de17a.com
data00.adlooxtracking.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prg-apac.smartadserver.com
pubmatic-match.dotomi.com
region1.analytics.google.com
rt.ad-score.com
rtb-csync.smartadserver.com
rtb.openx.net
s.trvdp.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
static.criteo.net
stats.g.doubleclick.net
stg.truvidplayer.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
t.adx.opera.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
va.medcom.id
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.metrotvnews.com
x.bidswitch.net
ad.mrtnsvr.com
c.amazon-adsystem.com
cdn01.metrotvnews.com
cm-supply-web.gammaplatform.com
pagead2.googlesyndication.com
simage4.pubmatic.com
103.225.66.102
103.225.66.86
103.225.66.90
104.18.35.167
108.138.1.25
108.138.9.235
13.32.99.110
134.122.57.34
141.94.171.213
142.250.185.194
143.204.215.19
143.204.98.64
151.101.193.55
151.101.194.49
151.101.65.108
162.19.138.118
178.250.1.11
178.250.7.11
18.193.237.199
185.64.189.112
185.64.190.78
185.64.190.81
185.64.191.210
185.86.139.93
185.89.210.212
193.0.160.130
195.5.165.20
2.19.105.180
2001:4860:4802:34::36
208.93.169.131
213.155.156.165
217.182.178.224
2600:9000:2250:7000:a:e047:753:6381
2602:803:c003:200::61
2606:4700:10::6816:1957
2606:4700:10::6816:4092
2606:4700:10::ac43:266a
2606:4700::6810:5914
2606:4700::6812:d841
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::200a
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:809::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9b
2a02:2638:3::c
2a02:2638:d::2
2a02:2638:d::a
2a02:6b8::90
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:970f:dde0:5c57:1e8b
3.71.149.231
34.102.146.192
34.111.129.221
34.111.131.239
34.120.107.143
34.251.190.219
34.254.143.3
34.91.62.186
34.98.64.218
35.186.193.173
35.186.253.211
35.208.216.174
35.214.166.207
35.241.31.249
35.71.131.137
37.157.6.237
46.228.164.11
50.31.142.127
52.213.189.61
54.166.53.84
54.197.99.246
54.76.89.191
63.33.97.132
65.9.66.97
67.220.224.144
69.173.144.165
72.251.241.196
77.243.51.122
82.145.213.8
85.114.159.118
95.101.149.233
98.98.134.243
99.86.4.71
05981f32ab7b55783aea2849fa155694afcf61cd01f08e04a9c3a4865451cc2c
05bd689b8e998e50efbfbc96dc391c86de020d355ceb5ed929b457e9c0afbcbf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
090b6eb466367e2a07391dcab5bf020086109b499a91c253b2f275098f3895aa
0ee38ae0be22b3080a994a32c231a0d65551413f6fe524e8db375d9e2c28488d
0ffdea76a492845985238e5a85badbc4498ad7ce42bb533292c4f14844678748
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c1a6ad37b06c5df9b8937f4a7391e566f577640eb955a8b70a659678510811a
1dc5020af06df23cd8ae8752d712384012d1676abe530e7ac48578d474e811bb
1df5fce455898e9f6cd2e4ff4eba8186e3adcd0f62018da02215eb4ce2a4b3cc
21036c18307a7423d572be042a94f57447408a66ad95a6df89d4daade5799f83
241df04a32e1a0a4da58eb35f672c5f0b4e1fa131475803ce3222bf493632d5e
2761d0b655a6489799260b3a129325243d45bd2fd0ae694a7d9fe1bb004b959d
2a07edf6800e2c6929afaadefee0ae2a71d97819312d2e2f7cf38527b3a09717
2a2b77d3ed0b0f80f10b9c2fb2d58af5c4195bee538064716ced60a8678fc5d5
2a93164d573eb1fa9016111ca12919413da25acd55b3360c7b55fecc9c4f6960
2aa2c1304d4c912b456c6c405178101d6860786205755c164fcb16146b21f4b9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2aa74ff360ff95b3d8b83b1af51dc38ed1278a754998233af831ec36d6867402
2c1b4ffd3d6aae45c5e5ae3fde9374daf632286062b7cda71f5ebd893cada986
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30e58272faca8c75baefcd1c00965b233cd22da6ea2c8ce9e1b9f10db9523aaf
310de9600c8bb44cc93f7917cf8285ebd1ad24620773adf3f2df4e5e0db9dfd1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355539a6c554e9a1d2724ac8a3dcc5d7d3b7ce83c3807fb49c7e048f1c93f377
368046011ecb39040953abfdbea5f4b4449ae5b77fe45269856b855a07e01672
3849cb314678f9f7cc4ef33c447af61564c9d064a11f1b6bb8169f0c2d0f459a
38b8928c49984e1589a0e7f5c6d280d2cddc87d70326b48f2db05d165ac9eade
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2bc6856dae7db110921b9834dc1dfe15aa0e315e13b757ac218af7aad7a0d9
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
438d28215cd087d42e6fd6bf3c5db89dd616d4a18cb94461d5d0f263a3be2734
43cca092d6f847f9978e9467fe699df271c8f66116253ddd80654b448b6d1a4a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a1daa11a24840b012cb2ad180ddc7719b82d30f457056fe8c5d31394b48b93d
4e3ef90c6df625cd4e0cb72b725bfd6f5dc98101da5eaa109fdbf9b5081cc3a3
4f7b56f604d286cbb407a9485e4683021bc724ac94416cceb16de243517f3231
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5cdd64d68cefd95ee8b439f02c16e47d99b983cc6ba05663ee9afdb10056dd44
5d78bc6e2defbc823770a1d78fe6db355c2e502e548de2a335c9a7a02c8718e1
5e7cd7f75d3498f25fdf1a35528552f2ee0ef1ba0bc8b933b33c52b1e9ea504d
5ea10287d4ebdda92b6ead9f13c6322af78e3fd898735f89b63edc096a625bd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
6512a1f170f5d16039df9e723da7ce3fb0720b2047a14062600956bcadffebd6
652b69c4bc58e6f9f6b5f5e642d3762e1ceacf745e7f1cedce72fced9ffb6655
6823e5add77f6eaec0e4e8a866a90d339a572e6dfed67228fbbd6c01d74c62ed
6990b6a5773c4a97e34bb01bdaf1ec0aefd719f70e403798b2196bcd9d00237c
6ec36b3a15fd6c3a66e471654eb7b1928ca9d7cdd65166fad626afc6afe4205d
716041efdb4414a3094243ecd3725ea02dd514734d7183e1b746c47b50da5005
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
72eef0ef9440eb9509b3e7f37fae2e83ade79179cbcd0b77b04e075e75640fb5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7d26a4011788685c877221572628843630489e0502244929a7362ac0cc03712f
7d8167e81a60c39c15a67f53529b6c0f32ed1815f3726abcb96f923a18ae29a5
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
802e3b837735808bb88c3e02f57828bf2d7905abbacca54a8e6b3caf6c7a96e0
803a4612c43268594cc913e0a6259b0642284d51d391ed43c883c49ed45b6120
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b5ac4c53baf09ca8a4e36c4e86ef2902ec917a2aebd3c861af7816b003007f
84482e374667508c6c938cb184cb92c732a4870d38bbe9564b1290091905afac
84fb54cb14dd5babdf4bf50c9a3ccc39b0d30d2899e6443cc7d5288b53f71c58
886ba39927e1263aa66bd76d1d551c931e8af7941863574151857e073d18d1a6
8b997f49575f783705822d33c15bb1f8b3ea4e770c972ece38ecc9f628ae01a9
8d0f5fcb0f433ea61d20801e512a16a62efba126d01e607911fd1d014e8dbc98
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
947ea0259f58d0d3fa8f9d6f87ba299d4cc4379be52886936c56f358da9a5787
95264f18a14d65f84244e149132ccb725ca676f1c76b491d940fb7b72a39f84c
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97cfcfd111e7ca2f439c0f65a65427fe462994af519b8db6f2f7832e3ee0a1c4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e272eeb1d90d7b4a8a6d4989f01ae6623869fd67f5a5647b87f2db3598fdb0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d5d46a45268bceb83ad115c3558d8b121b69bb6743612a48db8218c8f4da7e
9baa8eb6faa6c0051fcfbd49b870de9fade44bca484e071dc064b5895be93908
a1081c94d81630d62359bd0ccc515e7bdf63265f7ee85e2caa71ae284860d30b
a37d909313227e4b4695af79ad01101828c85340a7003d11f59bd3b85fffc02a
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a530fb35e4a9b32234ebde9b11bf6769fe07852f8c3c60cc37c75a8b2334ec93
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7406b1bc29dc8502982b8eb273114577bc1667f975bc1798e9b89a0587a7a81
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
afc70bfc5406877816229d5d0b7de4ba27eb604003ad3989fa34775256117a89
b570c431e129afba8d3eed8a9a0885cdfff5d06815e5742db1c8e813bd32a705
b8a8c446732138bdede734f93198aea5574f683ccd06dca8f8100d8190d3ab81
c12e4956bde7c6508d0a31d9d196e8d070f878e2ae5d5ecd57a16ef87017061f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c245c9c2413a010a24854d7699059a0ddd1df11874328a0ad61f007dda819e46
c417de5b6f37317cb6e04bf558a15e3424b6f3b1bb8398bff31cb7fda3541528
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d45c06c55c862f8ca80402ac23b22db6a5db57f23d13271334db0c6f7cdb5527
d627900b06adc1b2d1e80f4470022ac155f5a20f6a3455907f3f6124867961ba
d8231f16c78e8efeee54f23b864a257a78100fb6a2eb2cb21a4c7c5adc492976
d8fee409c09618c9d9a4e3f49f884bbd64a78d4995690a489b70c138495c91ba
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e07ece553d71d3a30af119f31f36182c3ed0498355b0cbb66b2a60b8ad7e7f62
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cc61c0f826899b7b1938330ae85ff6d9d951439c2917c7daa0812d83f14643
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eb959a6e70b5c2d5085c8290c94cd35f4349bf542fd97ca61ff78830255c0997
ec92c4b4a377ba285925a4d232c84ac815dd8131af9adec8f7a240179e05b0c3
ee687d9f09bbbe875ce0347545766ec1d1ed390d2b53500935f1b46515a97ab3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2791a84e8b5ed85b9c4001360d543913aa36976a0b5108b662d2310c9b6ec69
f402f5298c2df1fe758b9ea3f79dd4f27d7b67b460ae5230044e46feef509e53
f46b06592cb0eb9cd7692ea7714762c0e9a573fefe788dcd57dbe6a7699947a1
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f703ce46e3cdc6222e2b657547d7291491673587a4d15b63e145de23163239d4
f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d
fa9b924adf8dc54823c42e8a67ea784bd6cc71a60d407aa6c32c8e41c0b0f06f
fe50466edcdac1192aa7a5bebb69e57134216d66dc920c3611ce267751d1643b
ff0b9c1b7e11150b2ea533f72f2c8cd8859b68e20871245196c2e288b6f59dc1

www.metrotvnews.com Open in urlscan Pro 103.225.66.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

216 Requests

91 %HTTPS

28 %IPv6

64 Domains

96 Subdomains

71 IPs

15 Countries

2310 kBTransfer

6020 kBSize

78 Cookies

18 Outgoing links

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.metrotvnews.com Open in urlscan Pro
103.225.66.90 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

91 %
HTTPS

28 %
IPv6

64
Domains

96
Subdomains

71
IPs

15
Countries

2310 kB
Transfer

6020 kB
Size

78
Cookies

216 HTTP transactions
7 data transactions