www.express.com.pk Open in urlscan Pro
2606:4700::6810:5655 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.express.com.pk/
Effective URL:
https://www.express.com.pk/
Submission: On November 26 via manual (November 26th 2019, 9:35:05 am UTC) from SA

Summary HTTP 71 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 10 domains to perform 71 HTTP transactions. The main IP is 2606:4700::6810:5655, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.express.com.pk.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 28th 2019. Valid for: 6 months.

This is the only time www.express.com.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	2606:4700::68... 2606:4700::6810:5655	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
14	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
12	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	185.33.223.218 185.33.223.218	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2.19.38.84 2.19.38.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	69.173.144.152 69.173.144.152	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	34.243.93.43 34.243.93.43	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
71	15

31 2606:4700::6810:5655 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.express.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.218 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.38.84 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-84.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 161.72.190.35.bc.googleusercontent.com

fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

uk-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	express.com.pk 1 redirects www.express.com.pk	337 KB
13	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	257 KB
9	googletagservices.com www.googletagservices.com	218 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	360 B
5	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com s.update.rubiconproject.com eus.rubiconproject.com	11 KB
4	openx.net 1 redirects uk-ads.openx.net eu-u.openx.net	18 KB
2	adnxs.com 1 redirects secure.adnxs.com	885 B
2	google.de adservice.google.de	355 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	fqtag.com fqtag.com
71	10

	Domain	Requested by
31	www.express.com.pk	1 redirects www.express.com.pk securepubads.g.doubleclick.net
12	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.express.com.pk
9	www.googletagservices.com	www.express.com.pk securepubads.g.doubleclick.net optimized-by.rubiconproject.com
3	pagead2.googlesyndication.com
3	uk-ads.openx.net	1 redirects securepubads.g.doubleclick.net www.express.com.pk
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
2	secure.adnxs.com	1 redirects www.express.com.pk
2	adservice.google.de	www.googletagservices.com
2	www.google-analytics.com	1 redirects www.express.com.pk
1	eu-u.openx.net	uk-ads.openx.net
1	fqtag.com	www.express.com.pk
1	eus.rubiconproject.com	www.express.com.pk
1	s.update.rubiconproject.com	www.express.com.pk
1	beacon-eu2.rubiconproject.com	www.express.com.pk
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.express.com.pk
71	17

This site contains links to these domains. Also see Links.

Domain
www.express.pk
tribune.com.pk
express.com.pk
live.express.pk
twitter.com
www.facebook.com
www.youtube.com
www.addthis.com

Subject Issuer	Validity	Valid
ssl462699.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-28` - `2020-01-04`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
kazfv.com Sectigo ECC Domain Validation Secure Server CA	`2019-06-05` - `2020-06-04`	a year	crt.sh
*.fqtag.com Let's Encrypt Authority X3	`2019-10-15` - `2020-01-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.express.com.pk/
Frame ID: D3F2C7D793A002B05BA815A6552B0893
Requests: 38 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTiXhX0RdvqXxkTbT_1zEAyrhlXoz1z16kn4N8ZUBqjeDcquRXbLM6Hvj3PVy71cf2lUtGXS97CQczJR1XBsDhjf-E_c6GAgzcP_6vgXlkQWQPLfJyZdNZgaGiVYNok54p6mouG6BnG09A4yDxfg12_XqNpxL5cG8r4DjtdV_KINUR7jfERs3-1ERlpl38YKuXd4bN_VC7Vxv4DwggcbIbuu8ZqZ3ybQWdVN20sWbOnQooLumPrvwUL1Gs4buUOZImPRUBLTl0lx7OlOVia4Y-nkVo&sai=AMfl-YQsbkKjhH7mqlR_gp80hMZH0V_wk-Mw9G_r2_s6zwvc4L82j-GEQCcrif_3franxUSlxfzu2eFzLohW1qEdgfSOu2RWLq5MtJg6dDNX&sig=Cg0ArKJSzOrFo7SrEDHOEAE&urlfix=1&adurl=
Frame ID: 5F0A84155ECD8B865248ED011058B8CC
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWqeTrn9rLm3ydYdBwVEn-JgdJYjoacUJWn5bZPu_qZOr5R6AZja6PKnrB-3FAeOCODMTUyvbfsMEXdcLxlS96e2OM-6wdZ9AmHA2kk_2TnsFE4FLh7CxHNnO8thoFZu-PV9Qi5XKaOvlQ0DIqilBLUdZCxI16Ma9hP9F9RGnLEhc4lvf_5Q-yxcDsliEgycbdbJu-zmkxSl0AEsLjAqYjWrkadjRWvFATHSRugWZpwFp-SuX2Wr89O3PWWO1YzMZcY4Cg6izTxRTQ0qYKZgUBSS6egqbtARZeL4lwyV8QZIzX-rXZU0GKoMHvGmD40dhrSjg&sig=Cg0ArKJSzBWh5reHV5HeEAE&urlfix=1&adurl=
Frame ID: 2E6D9D18B7668AA3D3CF0B428CA86482
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3C63258BE93731DB04F99128963A7F27
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwySDFPP3zFjnels_p_rI-wme1wOwTzSXrXMQfO43vGcT5Vn4z1IKSdPedWBzbzuPKXjO4lXdLSx_hOJkC6DFrM6GJ2axD_8cfY4zT-_JHJtXsGw_Gfue20S6NjvH54lgTJmlv1WEHFbxGavhYLO6q2ipe2eSZAk87VOhMPMHWk6_ABaxYd2PYbphg4NFHAb8qpr-OEHUmscVH37ADI6gtW8B29n4MkliSucdl9HcSpFGkLPs98FQJkB8qqWVytQuo5BqDRq2RO-NEheFOux8ra5IOOGJI3CBj8PWIekOQPTFbQ3-8KRQ2TPro_MbKwB2WeBcd9Kw&sig=Cg0ArKJSzLk7sYUurmBAEAE&urlfix=1&adurl=
Frame ID: CCEE26BF5B8BA42B753F571CEE24F68F
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=50ab0170-10fc-4aec-b816-8e01043433e7
Frame ID: 381C1CFC1F765972FA9676FB0A373792
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.express.com.pk/ HTTP 301
https://www.express.com.pk/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

71
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

17
Subdomains

15
IPs

6
Countries

858 kB
Transfer

1755 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.express.pk/
Title: DAILY EXPRESS

Search URL Search Domain Scan URL

URL: https://tribune.com.pk/
Title: THE EXPRESS TRIBUNE

Search URL Search Domain Scan URL

URL: https://express.com.pk/epaper/
Title: URDE E-PAPER

Search URL Search Domain Scan URL

URL: https://tribune.com.pk/epaper/
Title: ENGLISH E-PAPER

Search URL Search Domain Scan URL

URL: https://live.express.pk/
Title: WATCH EXPRESS NEWS LIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/Roznama_Express

Search URL Search Domain Scan URL

URL: https://www.facebook.com/expressnewspk

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ExpressnewsOnline247

Search URL Search Domain Scan URL

URL: http://www.addthis.com/bookmark.php?v=250&pub=express

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.express.com.pk/ HTTP 301
https://www.express.com.pk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1510987743&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.com.pk%2F&ul=en-us&de=UTF-8&dt=Daily%20Express%20Urdu%20Newspaper%20%7C%20Latest%20Pakistan%20News%20%7C%20Breaking%20News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=937850989&gjid=2068334126&cid=2041722282.1574760889&tid=UA-10383371-1&_gid=1433144797.1574760889&_r=1&z=1974919805 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=2041722282.1574760889&jid=937850989&_gid=1433144797.1574760889&gjid=2068334126&_v=j79&z=1974919805

Request Chain 47

https://secure.adnxs.com/seg?add=5639373&t=2 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2

Request Chain 67

https://uk-ads.openx.net/w/1.0/acj?ai=7a3f5f04-b96b-4e6e-9621-7e7b3318af1b&o=6351223403&callback=OX_6351223403&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=7a3f5f04-b96b-4e6e-9621-7e7b3318af1b&o=6351223403&callback=OX_6351223403&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.express.com.pk/
Redirect Chain

http://www.express.com.pk/
https://www.express.com.pk/

13 KB
4 KB

575ms
541ms

Document
text/html

2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7c79bc810ede95d77eeba7a6a24b56614a2f2a069091f6599dc16d35aa6d670a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Host: www.express.com.pk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d1dadc36e1ac3d5729fb9c4dfba7962a91574760887; expires=Thu, 26-Dec-19 09:34:47 GMT; path=/; domain=.express.com.pk; HttpOnly
Cache-Control: private, max-age=7200
Vary: Accept-Encoding
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Frame-Options: deny
CF-Cache-Status: EXPIRED
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 53bade5c894dcb9c-VIE
Content-Encoding: gzip

Redirect headers

Date: Tue, 26 Nov 2019 09:34:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 26 Nov 2019 10:34:47 GMT
Location: https://www.express.com.pk/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 53bade5c2f1d59dc-VIE

GET
H/1.1 200
OK front-style.css
www.express.com.pk/css/ 6 KB
3 KB 461ms
461ms Stylesheet
text/css 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.com.pk/css/front-style.css?v=3

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

14612f3ed35e1c31b1784c6cfc0ba55727b4e41c3b35b7e12441197be121799e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: REVALIDATED
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 2345
Last-Modified: Fri, 22 Sep 2017 08:32:15 GMT
Server: cloudflare
ETag: "90378f4b7d33d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 53bade5fe898cb9c-VIE

GET
H/1.1 200
OK twt.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 49ms
23ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/twt.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1fdea430c24da4baa4534585b722158cd4158fc27583b2057daa53df9ee62d4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121137
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1482
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "acc8e7f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade6018e4598e-VIE

GET
H/1.1 200
OK fb.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 50ms
25ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/fb.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e0aa3ab0c40d93b04a810b8fcd2b90be7d04cc2cc342c4bff2091072cb172697

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121137
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1414
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "6ca96af14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade601895cbb8-VIE

GET
H/1.1 200
OK yt.png
www.express.com.pk/Images/frontpage/ 2 KB
2 KB 54ms
28ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/yt.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e14aa3e531eddc18b162b6c73d5617dd154f30cb141a5f62746092223f1a9b1f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121137
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1575
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "dc3de8f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade601e0fcbc4-VIE

GET
H/1.1 200
OK share.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 48ms
22ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/share.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

73af7abce20397b5d04820a6d53b9e3cd876be79e2a48e96710220fb4f6a47d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121137
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1478
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "6c68ddf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade601bca5940-VIE

GET
H/1.1 200
OK logo.png
www.express.com.pk/Images/frontpage/ 24 KB
24 KB 54ms
24ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/logo.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c0e7f35af9cbc4b0f438886831131cedf216e59f54a45fdcc8caceaecf3270b4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 158834
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 24426
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "3c1facf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade601b8b8cb6-VIE

GET
H/1.1 200
OK lhr.png
www.express.com.pk/Images/frontpage/ 4 KB
4 KB 18ms
18ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/lhr.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f5edad836296371cf3e554be8498c70faa2383ca1dc53ddff01bd50b6facca07

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121137
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 3679
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "6c9b96f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60390e598e-VIE

GET
H/1.1 200
OK 20191126-NP_LHE-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_LHE/20191126/ 15 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_LHE/20191126/20191126-NP_LHE-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b37f0bd192ebc9e3a6a97887b361245387f0875478490c1bd9bd1a0e990f2c29

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38390
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15627
Last-Modified: Mon, 25 Nov 2019 22:18:00 GMT
Server: cloudflare
ETag: "01c5832dea3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade603bdf5940-VIE

GET
H/1.1 200
OK khi.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 21ms
20ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/khi.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0074816bcfbabac978270afd1358a34fe3d5b752ffae49ee897ea59b261e089c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121137
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4174
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "5c394f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade6038fbcbb8-VIE

GET
H/1.1 200
OK 20191126-NP_KHI-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_KHI/20191126/ 15 KB
16 KB 21ms
21ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_KHI/20191126/20191126-NP_KHI-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b1847c6c08e8ae78baa6fab499b662881db76b17b02f60da9514921fe3f15a4f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15505
Last-Modified: Mon, 25 Nov 2019 22:01:50 GMT
Server: cloudflare
ETag: "0db2df0dba3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade604e85cbc4-VIE

GET
H/1.1 200
OK isl.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 17ms
17ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/isl.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3f2b53632d1d95a577276234fec15bc0e96c87b8d683763415c6d0fbc9d232c0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121136
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4164
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "ac28bf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade604b9a8cb6-VIE

GET
H/1.1 200
OK 20191126-NP_ISB-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_ISB/20191126/ 15 KB
16 KB 20ms
20ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_ISB/20191126/20191126-NP_ISB-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9f2f5b6320696c81056a1541e3b5375524f994733137065a399e636e10afad48

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15850
Last-Modified: Mon, 25 Nov 2019 21:35:54 GMT
Server: cloudflare
ETag: "019bb50d8a3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60592b598e-VIE

GET
H/1.1 200
OK fsb.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 18ms
18ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/fsb.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

35cb4b9940825c4c2f7defefa13df5921724e9ab9788b639a4e2f0028ea5489a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 168134
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4543
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "2c247bf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade605bf25940-VIE

GET
H/1.1 200
OK 20191126-NP_FSB-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_FSB/20191126/ 15 KB
16 KB 19ms
19ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_FSB/20191126/20191126-NP_FSB-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

9a0cc2292bfa7a94f1e4b51a15dd1842a02406e6c70d219964085321d4df451a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15685
Last-Modified: Mon, 25 Nov 2019 21:57:00 GMT
Server: cloudflare
ETag: "05e5343dba3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade605965cbb8-VIE

GET
H/1.1 200
OK grw.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 19ms
18ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/grw.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98721b450811b2fe2cddebae5ff4c5fd315b053642ae42fdb32c26fa667d4c0d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121136
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4245
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "5c2879f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade606ba98cb6-VIE

GET
H/1.1 200
OK 20191126-NP_GRW-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_GRW/20191126/ 14 KB
15 KB 19ms
18ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_GRW/20191126/20191126-NP_GRW-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3b11905d79f5c34555a6783d678f3d42b21d284b7da040a4ca971cba5adbcdf9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 14793
Last-Modified: Mon, 25 Nov 2019 21:39:12 GMT
Server: cloudflare
ETag: "080bfc6d8a3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade606ed1cbc4-VIE

GET
H/1.1 200
OK mltn.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 20ms
17ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/mltn.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

85a5dd64e656070599d0a96559978c3e6c25331c541d936c3173e8e859bce64f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121136
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4130
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "9c9adf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade607c025940-VIE

GET
H/1.1 200
OK 20191126-NP_MUX-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_MUX/20191126/ 15 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_MUX/20191126/20191126-NP_MUX-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

6a6eda185b02422fbecafe3683f216ff871fb4b0af25675f09701d5dd0e03261

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15815
Last-Modified: Mon, 25 Nov 2019 21:26:20 GMT
Server: cloudflare
ETag: "0a699fad6a3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade608959598e-VIE

GET
H/1.1 200
OK pshwr.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 20ms
19ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/pshwr.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

50e938bcbaa5a719109d7f76b5f7b77839dce58ea0b083b7abf1b1f1d75dc51c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121136
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4141
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "fcabff14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade608bb78cb6-VIE

GET
H/1.1 200
OK 20191126-NP_PEW-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_PEW/20191126/ 16 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_PEW/20191126/20191126-NP_PEW-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a80197b2b583a8816b57cccbf53d823366cf7cce03c53228240be6854a6b5370

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15884
Last-Modified: Mon, 25 Nov 2019 21:47:10 GMT
Server: cloudflare
ETag: "083a8e3d9a3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade6089cfcbb8-VIE

GET
H/1.1 200
OK ryk.png
www.express.com.pk/Images/frontpage/ 5 KB
6 KB 19ms
19ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/ryk.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0a6e1708ce703ce5e43f81f4888e21d372575d629605a1d672c974c18005d41d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121116
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 5327
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "ccffd6f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade608f26cbc4-VIE

GET
H/1.1 200
OK 20191126-NP_RYK-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_RYK/20191126/ 15 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_RYK/20191126/20191126-NP_RYK-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7f0f6249c431fe482b8d8de14a95e43289786db7c3abac18907e63fd5cc1ecb3

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38389
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15855
Last-Modified: Mon, 25 Nov 2019 21:32:20 GMT
Server: cloudflare
ETag: "04a2dd1d7a3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade609c1b5940-VIE

GET
H/1.1 200
OK sgd.png
www.express.com.pk/Images/frontpage/ 5 KB
5 KB 19ms
17ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/sgd.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

00a89d9cf75b9e410e7ac477b8f96f702b73d9c3707c043fa5701692609c91c5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121135
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4741
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "acb1d6f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60a97d598e-VIE

GET
H/1.1 200
OK 20191126-NP_SGD-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_SGD/20191126/ 15 KB
16 KB 17ms
16ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_SGD/20191126/20191126-NP_SGD-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c1cf6c85452f2090ce4402bfb80cb7ed6eafea618f478c67c49c22b226d025ac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38388
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15559
Last-Modified: Mon, 25 Nov 2019 21:52:18 GMT
Server: cloudflare
ETag: "0953d9bdaa3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60abca8cb6-VIE

GET
H/1.1 200
OK suk.png
www.express.com.pk/Images/frontpage/ 843 B
1 KB 20ms
19ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/suk.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0d502bb04e3c35ff0b4f87e34b31dea146ca502c5f0a39f0b783a9861e71ddde

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121135
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 843
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "c60e1f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60aa48cbb8-VIE

GET
H/1.1 200
OK 20191126-NP_SUK-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_SUK/20191126/ 15 KB
16 KB 20ms
19ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_SUK/20191126/20191126-NP_SUK-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

68f42ddc43509a8c4bb83058974dc9cd3029c66c8adb94c9240f9afdaf9a6025

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38388
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15839
Last-Modified: Mon, 25 Nov 2019 21:42:06 GMT
Server: cloudflare
ETag: "0cb752ed9a3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60af92cbc4-VIE

GET
H/1.1 200
OK quta.png
www.express.com.pk/Images/frontpage/ 4 KB
4 KB 17ms
17ms Image
image/png 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/quta.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

af1b12436c3969e38b246c835981f84b9c17b891acf3ea82ee56e3b69be5fca9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121135
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4020
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "3cbed0f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60bc2c5940-VIE

GET
H/1.1 200
OK 20191126-NP_QTA-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_QTA/20191126/ 15 KB
16 KB 17ms
17ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_QTA/20191126/20191126-NP_QTA-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c424a7cc857ce0cdaf1cfcc3f6994f26e70a5f20125badb8155bbab86a734ba8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 38388
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15756
Last-Modified: Mon, 25 Nov 2019 22:07:10 GMT
Server: cloudflare
ETag: "0fbe9aedca3d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade60c995598e-VIE

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ff5fe4ae718314b3589c7afd949e0d021d20f681c8417439c6e96559996595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "348 / 293 of 1000 / last-modified: 1574707045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15675
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:48 GMT

GET
H2 200 pubads_impl_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
59 KB 52ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59620
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:48 GMT

GET
H/1.1 200
OK front-bg.jpg
www.express.com.pk/Images/ 75 KB
75 KB 31ms
31ms Image
image/jpeg 2606:4700::6810:5655
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/front-bg.jpg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2ce356ce7c50209ad7f56eaaa3a3f0790b66ea8aa9f6cdd1c9c273c0769e22c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/css/front-style.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 121136
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 76693
Last-Modified: Sun, 30 Jul 2017 15:48:27 GMT
Server: cloudflare
ETag: "2c32da484b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: max-age=172800
Accept-Ranges: bytes
CF-RAY: 53bade62d80dcb9c-VIE

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 253ms
253ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4325672139600582&correlator=1253198950105234&output=ldjh&impl=fifs&eid=21064824%2C21062452&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=11952262%2Cexpresscompk-home-lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pos%3Datf&cust_params=site%3Dexpresscompk%26expresscompk_page%3Dhome%26device%3DDesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1574760888&dt=1574760888775&dlt=1574760888299&idt=136&frm=20&biw=1585&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=3549282267&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.express.com.pk%2F&dssz=5&icsg=10&std=0&csl=108&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x-1&msz=972x-1&ga_vid=2041722282.1574760889&ga_sid=1574760889&ga_hid=1510987743&fws=644&ohw=972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7e442a990ec607e07d930886208c3ece345836cb0e5968ad907e2a497666acdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2084
x-xss-protection: 0
google-lineitem-id: 4474154833
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138215481875
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ 65 KB
25 KB 40ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25219
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:48 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 18ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3671
date: Tue, 26 Nov 2019 08:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 26 Nov 2019 10:33:37 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1510987743&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.com.pk%2F&ul=en-us&de=UTF-8&dt=Daily%20Express%20Urdu%20Newspaper%20%7C%20Latest%20Pa...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=2041722282.1574760889&jid=937850989&_gid=1433144797.1574760889&gjid=2068334126&_v=j79&z=1974919805

35 B
109 B

14ms
14ms

Image
image/gif

2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=2041722282.1574760889&jid=937850989&_gid=1433144797.1574760889&gjid=2068334126&_v=j79&z=1974919805

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 26 Nov 2019 09:34:48 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Nov 2019 09:34:48 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=2041722282.1574760889&jid=937850989&_gid=1433144797.1574760889&gjid=2068334126&_v=j79&z=1974919805
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5F0A 0
0 17ms
17ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTiXhX0RdvqXxkTbT_1zEAyrhlXoz1z16kn4N8ZUBqjeDcquRXbLM6Hvj3PVy71cf2lUtGXS97CQczJR1XBsDhjf-E_c6GAgzcP_6vgXlkQWQPLfJyZdNZgaGiVYNok54p6mouG6BnG09A4yDxfg12_XqNpxL5cG8r4DjtdV_KINUR7jfERs3-1ERlpl38YKuXd4bN_VC7Vxv4DwggcbIbuu8ZqZ3ybQWdVN20sWbOnQooLumPrvwUL1Gs4buUOZImPRUBLTl0lx7OlOVia4Y-nkVo&sai=AMfl-YQsbkKjhH7mqlR_gp80hMZH0V_wk-Mw9G_r2_s6zwvc4L82j-GEQCcrif_3franxUSlxfzu2eFzLohW1qEdgfSOu2RWLq5MtJg6dDNX&sig=Cg0ArKJSzOrFo7SrEDHOEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Nov 2019 09:34:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5F0A 51 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ff5fe4ae718314b3589c7afd949e0d021d20f681c8417439c6e96559996595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "348 / 852 of 1000 / last-modified: 1574707045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15675
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F0A 76 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29138
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 pubads_impl_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5F0A 159 KB
58 KB 39ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59620
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 5F0A 113 B
179 B 14ms
14ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5F0A 4 KB
2 KB 238ms
238ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2625990632609148&correlator=2773565613586815&output=ldjh&impl=fifs&eid=21062752%2C21062819%2C21065105&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A268435456%2C2%3A268435456%2C8%3A268435456&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=229445249%2CDWTag-DFPNew_RS70_Expresscompk_Banner_728x90_311017&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D401a92792b61f656%3AT%3D1574760888%3AS%3DALNI_MbI1caTo-Z-bbtN2H5955GBIHsQGA&cdm=www.express.com.pk&bc=31&abxe=1&lmt=1574760889&dt=1574760889181&dlt=1574760889039&idt=138&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=1097&adks=1743388791&ucis=ufreyv1cuz4t&ifi=1&ifk=1555028292&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.express.com.pk%2F&top=https%3A%2F%2Fwww.express.com.pk%2F&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2041722282.1574760889&ga_sid=1574760889&ga_hid=1752677875&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

79555a97b6b55448dded769d3a15e8b726fff8c35cfd0b1abb0167a080a7d8b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2185
x-xss-protection: 0
google-lineitem-id: 4474657130
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234335570
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5F0A 65 KB
25 KB 39ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25219
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 5F0A 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5F0A 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c7b27d9c0ecc261353a61fcd969486320bd5dd6487381c11e24e4761fb50685

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2E6D 0
0 19ms
18ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWqeTrn9rLm3ydYdBwVEn-JgdJYjoacUJWn5bZPu_qZOr5R6AZja6PKnrB-3FAeOCODMTUyvbfsMEXdcLxlS96e2OM-6wdZ9AmHA2kk_2TnsFE4FLh7CxHNnO8thoFZu-PV9Qi5XKaOvlQ0DIqilBLUdZCxI16Ma9hP9F9RGnLEhc4lvf_5Q-yxcDsliEgycbdbJu-zmkxSl0AEsLjAqYjWrkadjRWvFATHSRugWZpwFp-SuX2Wr89O3PWWO1YzMZcY4Cg6izTxRTQ0qYKZgUBSS6egqbtARZeL4lwyV8QZIzX-rXZU0GKoMHvGmD40dhrSjg&sig=Cg0ArKJSzBWh5reHV5HeEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Nov 2019 09:34:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 2E6D
Redirect Chain

https://secure.adnxs.com/seg?add=5639373&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2

43 B
0

13ms
12ms

Fetch
image/gif

185.33.223.218
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.218 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Nov 2019 09:34:51 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.44:80
AN-X-Request-Uuid: 00a87b7d-fef2-495f-937e-2bbfb96003f4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 26 Nov 2019 09:34:51 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid: 3701ed94-e40e-4441-87bc-0dfefe2c321f
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 13732.js Show response
ads.rubiconproject.com/ad/ Frame 2E6D 26 KB
8 KB 44ms
25ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/13732.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:49 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10839
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Tue, 26 Nov 2019 12:35:28 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E6D 76 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29138
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F0A 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H/1.1 200
OK 761730-2.js Show response
optimized-by.rubiconproject.com/a/13732/65446/ Frame 2E6D 2 KB
2 KB 81ms
46ms Script
text/javascript 69.173.144.140
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/13732/65446/761730-2.js?&cb=0.4109311016788635&tk_st=1&rf=https%3A//www.express.com.pk/&tk_sf=1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=65446_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/13732.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 250c71cb76b167e6293c3114966da2e156fd194ef04b2bdfb924b6873912d883

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Nov 2019 09:34:49 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=176
Content-Length: 1060
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2E6D 51 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/13732/65446/761730-2.js?&cb=0.4109311016788635&tk_st=1&rf=https%3A//www.express.com.pk/&tk_sf=1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=65446_2&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ff5fe4ae718314b3589c7afd949e0d021d20f681c8417439c6e96559996595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "348 / 265 of 1000 / last-modified: 1574707045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15675
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H/1.1 200
OK b8ed7694-f131-41ba-a720-ab830970e400
beacon-eu2.rubiconproject.com/beacon/d/ Frame 2E6D 43 B
268 B 37ms
9ms Image
image/webp 69.173.144.152
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/b8ed7694-f131-41ba-a720-ab830970e400?oo=0&accountId=13732&siteId=65446&zoneId=761730&sizeId=2&e=6A1E40E384DA563B7B93E8708E4D518EDE0F35AE26CCC47775700C6EDF12833E3A140931E5ACAAF65F42C1E8F27103EF6D748C0D8D7FAA22D7447A66596D68F63E850DE0615B67D4733E34163CF33661AC237D6FA0EBFC9A6240B348FC26EBCFC6C18142CCE1863F75F4D021E012C9D0506DA3A6D33A1C7283009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Nov 2019 09:34:48 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 pubads_impl_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2E6D 159 KB
58 KB 40ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59620
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 2E6D 113 B
176 B 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2E6D 5 KB
2 KB 44ms
44ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4317818020363130&correlator=3211875764045203&output=ldjh&impl=fifs&eid=21062833&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A268435456%2C2%3A268435456%2C8%3A268435456&sc=1&sfv=1-0-36&ecs=20191126&iu_parts=229445249%2CDWTag-DFPNew_PB_RS70_Expresscompk_Banner_728x90_311017&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=2&cookie=ID%3D401a92792b61f656%3AT%3D1574760888%3AS%3DALNI_MbI1caTo-Z-bbtN2H5955GBIHsQGA&cdm=www.express.com.pk&bc=31&abxe=1&lmt=1574760889&dt=1574760889666&dlt=1574760889424&idt=238&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adxs=429&adys=1097&adks=3673565872&ucis=lorxu37hnpxw&ifi=1&ifk=2488504456&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.express.com.pk%2F&top=https%3A%2F%2Fwww.express.com.pk%2F&dssz=11&icsg=90&mso=1&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=2041722282.1574760889&ga_sid=1574760890&ga_hid=1976109922&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e566b962ada9848742384a88273b7f47e697a658a1a517fec8e9130fee3d0a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2347
x-xss-protection: 0
google-lineitem-id: 5156105652
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138235408210
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2E6D 65 KB
25 KB 40ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25219
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 2E6D 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 2E6D 0
75 B 125ms
29ms Script
text/plain 34.243.93.43
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/873648/analytics.js?si=65446&di=www.express.com.pk&ap=&dm=2&pi=761730&ti=b8ed7694-f131-41ba-a720-ab830970e400&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=8736481428691810142000
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 26 Nov 2019 09:34:48 GMT
Content-Length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 3C63 0
0 23ms
7ms Document
text/html 23.37.55.184
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.express.com.pk/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=K3FNZ2YC-1W-CP9A; rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses2=65446^1; vis2=65446^1; audit=1|hLZGFuTafB07PRBjypG8p+99qzxPzGzox2rfCICpzqNWgP3uO+wNOmjfyUnBldoGuUAB3AaiG0bgcRgjl6EitTU5Y/bRpRko
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding: gzip
Content-Length: 7459
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=47080
Expires: Tue, 26 Nov 2019 22:39:29 GMT
Date: Tue, 26 Nov 2019 09:34:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 2E6D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d354400d9e8c67ae34e4b0fa332830f2e8d5a70a08256bf1779b77e88224c794

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CCEE 0
0 18ms
17ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwySDFPP3zFjnels_p_rI-wme1wOwTzSXrXMQfO43vGcT5Vn4z1IKSdPedWBzbzuPKXjO4lXdLSx_hOJkC6DFrM6GJ2axD_8cfY4zT-_JHJtXsGw_Gfue20S6NjvH54lgTJmlv1WEHFbxGavhYLO6q2ipe2eSZAk87VOhMPMHWk6_ABaxYd2PYbphg4NFHAb8qpr-OEHUmscVH37ADI6gtW8B29n4MkliSucdl9HcSpFGkLPs98FQJkB8qqWVytQuo5BqDRq2RO-NEheFOux8ra5IOOGJI3CBj8PWIekOQPTFbQ3-8KRQ2TPro_MbKwB2WeBcd9Kw&sig=Cg0ArKJSzLk7sYUurmBAEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Nov 2019 09:34:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.cgi
fqtag.com/ Frame CCEE 35 B
0 72ms
14ms Fetch
image/gif 35.190.72.161
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fqtag.com/pixel.cgi?p=5156105652&a=21663126586&cmp=2172221679&org=jb4kOxROhJF9qP459em1&rt=displayImg&sl=1&fmt=banner&rd=https://www.express.com.pk/&c1=157131649&c3=228445369
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 161.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 09:34:49 GMT
via: 1.1 google
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: 0

GET
H2 200 jstag Show response
uk-ads.openx.net/w/1.0/ Frame CCEE 47 KB
17 KB 33ms
19ms Script
text/javascript 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-ads.openx.net/w/1.0/jstag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: b060a5742006eca4261d044f66038ee46057fb2483ad876f72e122f8648f190f

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
server: OXGW/16.167.2
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 17542
via: 1.1 google
expires: Tue, 26 Nov 2019 10:34:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCEE 76 KB
29 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29138
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E6D 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Nov 2019 09:34:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
expires: Tue, 26 Nov 2019 09:34:49 GMT

GET
H2

200

acj Show response
uk-ads.openx.net/w/1.0/ Frame CCEE
Redirect Chain

https://uk-ads.openx.net/w/1.0/acj?ai=7a3f5f04-b96b-4e6e-9621-7e7b3318af1b&o=6351223403&callback=OX_6351223403&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=p...
https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=7a3f5f04-b96b-4e6e-9621-7e7b3318af1b&o=6351223403&callback=OX_6351223403&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&...

342 B
605 B

23ms
23ms

Script
application/json

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=7a3f5f04-b96b-4e6e-9621-7e7b3318af1b&o=6351223403&callback=OX_6351223403&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: fecc9242fbbcda0e88b5ed9d340c4bc6646dd6c7e422546baedaa826366fabc2

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 09:34:49 GMT
via: 1.1 google
server: OXGW/16.167.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 342
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 26 Nov 2019 09:34:49 GMT
via: 1.1 google
server: OXGW/16.167.2
location: https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=7a3f5f04-b96b-4e6e-9621-7e7b3318af1b&o=6351223403&callback=OX_6351223403&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
DATA 200
OK truncated
/ Frame CCEE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11af6ce0ccd56e2dc117aa19264f92b48a28fcd388d23a70f2b2fe5761af08ed

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 381C 0
0 17ms
16ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=50ab0170-10fc-4aec-b816-8e01043433e7
Requested by: Host: uk-ads.openx.net
URL: https://uk-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=50ab0170-10fc-4aec-b816-8e01043433e7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.express.com.pk/
accept-encoding: gzip, deflate, br
cookie: i=d8a9be4d-0d81-0446-38db-3a262cf1242e|1574760889
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/

Response headers

status: 200
vary: Accept
set-cookie: i=d8a9be4d-0d81-0446-38db-3a262cf1242e|1574760889; Version=1; Expires=Wed, 25-Nov-2020 09:34:49 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1574760889|gu; Version=1; Expires=Wed, 11-Dec-2019 09:34:49 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 26 Nov 2019 09:34:49 GMT
content-type: text/html
content-length: 151
via: 1.1 google
alt-svc: clear

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5F0A 42 B
120 B 15ms
15ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvQuF4MHN3hxpkZ-ggHEMgKooIqdNNAEX2vgN44jHLZ5_hFJiJwBBP8eahoLnpqcWmoEpRKLHqQpDq-qxeyzD2dBoHnaNJissTjMLXXVc&sig=Cg0ArKJSzOP69-d7E-ssEAE&adk=3549282267&tt=-1&bs=1585%2C1200&mtos=0,1027,1027,1027,1027&tos=0,1027,0,0,0&p=1097,429,1187,1157&gcm=1&lcs=1&mcvt=1027&rs=0&ht=0&tfs=108&tls=1135&mc=0.99&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1574760889041&dlt&rpt=152&isd=0&msd=0&ext&imams=1&xdi=0&mxd=1&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-12-4-11-11-0-0-0&tvt=1133&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 09:34:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2E6D 42 B
120 B 15ms
14ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhAvsLRv23RyRssCKUGqF5lP1u4L0EfwwVRxJ7md-9kvZXoquPAmoNM-0H4On-d7sR4D4IIVHhbhXRZSFAfXQG3Xtj078IUfy1fhw7TzY&sig=Cg0ArKJSzCKZQmJKHGCPEAE&adk=1743388791&tt=-1&bs=1585%2C1200&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&p=0,0,90,728&mcvt=1023&rs=0&ht=0&tfs=115&tls=1138&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1574760889426&dlt&rpt=250&isd=0&msd&ext&imams=1&xdi=0&mxd=1&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-9-12-2-11-11-0-0-0&tvt=1137&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 09:34:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CCEE 42 B
120 B 14ms
14ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxnSmuvAIO3HM-f8iZdzw-S6IkSfSWYT14twSP7sw9P8NEBSeMRKhwrc8ep1XHtmZ0lSf6bZ3kWFRcO0sHe9q_jaXirw1dd5NKfMH3kHY&sig=Cg0ArKJSzK4dtTsiwnV2EAE&adk=3673565872&tt=-1&bs=1585%2C1200&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&p=0,0,90,728&gcm=1&lcs=1&mcvt=1023&rs=0&ht=0&tfs=206&tls=1229&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1574760889716&dlt&rpt=120&isd=0&msd&ext&imams=1&xdi=0&mxd=1&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-13-3-12-12-0-0-0&tvt=1228&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Nov 2019 09:34:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.express.com.pk/	1970-01-19 05:26:00	Name: _gat Value: 1
.express.com.pk/	1970-01-19 05:27:27	Name: _gid Value: GA1.3.1433144797.1574760889
.express.com.pk/	1970-01-19 22:57:12	Name: _ga Value: GA1.3.2041722282.1574760889
.express.com.pk/	1970-01-19 06:09:12	Name: __cfduid Value: d1dadc36e1ac3d5729fb9c4dfba7962a91574760887

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
adservice.google.de
beacon-eu2.rubiconproject.com
eu-u.openx.net
eus.rubiconproject.com
fqtag.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
s.update.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
uk-ads.openx.net
www.express.com.pk
www.google-analytics.com
www.googletagservices.com
172.217.16.162
185.33.223.218
2.19.38.84
23.37.55.184
2606:4700::6810:5655
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:814::2002
2a00:1450:400c:c08::9a
34.243.93.43
34.95.120.147
35.190.72.161
69.173.144.140
69.173.144.152
0074816bcfbabac978270afd1358a34fe3d5b752ffae49ee897ea59b261e089c
00a89d9cf75b9e410e7ac477b8f96f702b73d9c3707c043fa5701692609c91c5
03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d
0a6e1708ce703ce5e43f81f4888e21d372575d629605a1d672c974c18005d41d
0d502bb04e3c35ff0b4f87e34b31dea146ca502c5f0a39f0b783a9861e71ddde
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
11af6ce0ccd56e2dc117aa19264f92b48a28fcd388d23a70f2b2fe5761af08ed
14612f3ed35e1c31b1784c6cfc0ba55727b4e41c3b35b7e12441197be121799e
1c7b27d9c0ecc261353a61fcd969486320bd5dd6487381c11e24e4761fb50685
23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f
250c71cb76b167e6293c3114966da2e156fd194ef04b2bdfb924b6873912d883
35cb4b9940825c4c2f7defefa13df5921724e9ab9788b639a4e2f0028ea5489a
3b11905d79f5c34555a6783d678f3d42b21d284b7da040a4ca971cba5adbcdf9
3f2b53632d1d95a577276234fec15bc0e96c87b8d683763415c6d0fbc9d232c0
50e938bcbaa5a719109d7f76b5f7b77839dce58ea0b083b7abf1b1f1d75dc51c
68f42ddc43509a8c4bb83058974dc9cd3029c66c8adb94c9240f9afdaf9a6025
6a6eda185b02422fbecafe3683f216ff871fb4b0af25675f09701d5dd0e03261
73af7abce20397b5d04820a6d53b9e3cd876be79e2a48e96710220fb4f6a47d5
79555a97b6b55448dded769d3a15e8b726fff8c35cfd0b1abb0167a080a7d8b9
7c79bc810ede95d77eeba7a6a24b56614a2f2a069091f6599dc16d35aa6d670a
7e442a990ec607e07d930886208c3ece345836cb0e5968ad907e2a497666acdc
7f0f6249c431fe482b8d8de14a95e43289786db7c3abac18907e63fd5cc1ecb3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a5dd64e656070599d0a96559978c3e6c25331c541d936c3173e8e859bce64f
98721b450811b2fe2cddebae5ff4c5fd315b053642ae42fdb32c26fa667d4c0d
9a0cc2292bfa7a94f1e4b51a15dd1842a02406e6c70d219964085321d4df451a
9f2f5b6320696c81056a1541e3b5375524f994733137065a399e636e10afad48
a1ff5fe4ae718314b3589c7afd949e0d021d20f681c8417439c6e96559996595
a80197b2b583a8816b57cccbf53d823366cf7cce03c53228240be6854a6b5370
af1b12436c3969e38b246c835981f84b9c17b891acf3ea82ee56e3b69be5fca9
b060a5742006eca4261d044f66038ee46057fb2483ad876f72e122f8648f190f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1847c6c08e8ae78baa6fab499b662881db76b17b02f60da9514921fe3f15a4f
b2ce356ce7c50209ad7f56eaaa3a3f0790b66ea8aa9f6cdd1c9c273c0769e22c
b37f0bd192ebc9e3a6a97887b361245387f0875478490c1bd9bd1a0e990f2c29
c0e7f35af9cbc4b0f438886831131cedf216e59f54a45fdcc8caceaecf3270b4
c1cf6c85452f2090ce4402bfb80cb7ed6eafea618f478c67c49c22b226d025ac
c424a7cc857ce0cdaf1cfcc3f6994f26e70a5f20125badb8155bbab86a734ba8
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d354400d9e8c67ae34e4b0fa332830f2e8d5a70a08256bf1779b77e88224c794
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0aa3ab0c40d93b04a810b8fcd2b90be7d04cc2cc342c4bff2091072cb172697
e14aa3e531eddc18b162b6c73d5617dd154f30cb141a5f62746092223f1a9b1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
e566b962ada9848742384a88273b7f47e697a658a1a517fec8e9130fee3d0a5e
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fdea430c24da4baa4534585b722158cd4158fc27583b2057daa53df9ee62d4
f5edad836296371cf3e554be8498c70faa2383ca1dc53ddff01bd50b6facca07
fecc9242fbbcda0e88b5ed9d340c4bc6646dd6c7e422546baedaa826366fabc2

www.express.com.pk Open in urlscan Pro 2606:4700::6810:5655 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

36 %IPv6

10 Domains

17 Subdomains

15 IPs

6 Countries

858 kBTransfer

1755 kBSize

4 Cookies

9 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.express.com.pk Open in urlscan Pro
2606:4700::6810:5655 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

17
Subdomains

15
IPs

6
Countries

858 kB
Transfer

1755 kB
Size

4
Cookies

71 HTTP transactions
3 data transactions