www.express.com.pk Open in urlscan Pro
2606:4700::6810:5655 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.express.com.pk/
Effective URL:
https://www.express.com.pk/
Submission: On February 17 via api (February 17th 2020, 4:04:34 am UTC) from US

Summary HTTP 69 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 69 HTTP transactions. The main IP is 2606:4700::6810:5655, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.express.com.pk.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 6th 2019. Valid for: 6 months.

This is the only time www.express.com.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 31	2606:4700::68... 2606:4700::6810:5655	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
69	12

31 2606:4700::6810:5655 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.express.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	express.com.pk 1 redirects www.express.com.pk	344 KB
13	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	53 KB
10	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	183 KB
7	ampproject.org cdn.ampproject.org	118 KB
4	googletagservices.com www.googletagservices.com	83 KB
3	google.com 1 redirects adservice.google.com www.google.com	226 B
2	google.de adservice.google.de	349 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
69	8

	Domain	Requested by
31	www.express.com.pk	1 redirects www.express.com.pk
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.express.com.pk
7	cdn.ampproject.org	securepubads.g.doubleclick.net
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.express.com.pk
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	www.express.com.pk securepubads.g.doubleclick.net
2	www.google.com	1 redirects www.express.com.pk
2	adservice.google.de	www.googletagservices.com
2	www.google-analytics.com	1 redirects www.express.com.pk
1	googleads.g.doubleclick.net	www.express.com.pk
1	stats.g.doubleclick.net	www.express.com.pk
1	adservice.google.com	www.googletagservices.com
69	12

This site contains links to these domains. Also see Links.

Domain
www.express.pk
tribune.com.pk
express.com.pk
live.express.pk
twitter.com
www.facebook.com
www.youtube.com
www.addthis.com

Subject Issuer	Validity	Valid
ssl462699.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-06` - `2020-06-13`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.express.com.pk/
Frame ID: 9D731483D071D3475F417BCAEC824B20
Requests: 44 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukeGhxxr1q6rrnDaQHPk7P3WcveJolNZqbUGEGlMDvbaexloPJsOAApZv20M_6SJh7fvOrFYdZh7oj2o2SBkjYMHKljrL05xVHsm98zQT63GAGTinhNO9YSPEqnjn29bIxbzsKK926EMyvfZSTrxG5eka8lvPn7ASDXRITf9AsFGq8oXhok5XjFXueI8wp36PvariGzumf5dYkHFo_JfieaSfqsWdt_udVP9Cu4wJQtXCjqV4ikGmLxV1y5XKIuLSa5zqU8sKjefjvdReK181J9XPV&sai=AMfl-YT3HgjDAblzWWSMfql3wuvMqb_tze7OtMHvZztXITVpsIa0E7BZMLRzMiCU-9FNfKzFmOx-HdWn1lX8kDAxjP1JEb2_r_HoBdb3k_skuQ&sig=Cg0ArKJSzDNpUyptihvmEAE&urlfix=1&adurl=
Frame ID: 6831494FCE74AD4F1553F5D5CE39786C
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: DE9CB58EF326AF8397667917A45ABCFA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012001281851410/amp4ads-v0.js
Frame ID: 66CDF85CEB5BA6E42E86FA35ED3DBD3D
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html
Frame ID: F9A924830A90DD6B2C9F9220AFD9E97B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.express.com.pk/ HTTP 301
https://www.express.com.pk/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

69
Requests

100 %
HTTPS

92 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

798 kB
Transfer

1601 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.express.pk/
Title: DAILY EXPRESS

Search URL Search Domain Scan URL

URL: https://tribune.com.pk/
Title: THE EXPRESS TRIBUNE

Search URL Search Domain Scan URL

URL: https://express.com.pk/epaper/
Title: URDE E-PAPER

Search URL Search Domain Scan URL

URL: https://tribune.com.pk/epaper/
Title: ENGLISH E-PAPER

Search URL Search Domain Scan URL

URL: https://live.express.pk/
Title: WATCH EXPRESS NEWS LIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/Roznama_Express

Search URL Search Domain Scan URL

URL: https://www.facebook.com/expressnewspk

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ExpressnewsOnline247

Search URL Search Domain Scan URL

URL: http://www.addthis.com/bookmark.php?v=250&pub=express

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.express.com.pk/ HTTP 301
https://www.express.com.pk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1475204261&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.com.pk%2F&ul=en-us&de=UTF-8&dt=Daily%20Express%20Urdu%20Newspaper%20%7C%20Latest%20Pakistan%20News%20%7C%20Breaking%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=859897421&gjid=2129515060&cid=1232231929.1581912258&tid=UA-10383371-1&_gid=1281464533.1581912258&_r=1&z=224866812 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=1232231929.1581912258&jid=859897421&_gid=1281464533.1581912258&gjid=2129515060&_v=j81&z=224866812

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.express.com.pk/
Redirect Chain

http://www.express.com.pk/
https://www.express.com.pk/

13 KB
4 KB

47ms
13ms

Document
text/html

2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d0fc6cdec3806219d72916e654ec8c6c022274637fd9ed9fef46aa5c9e41db18

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Host: www.express.com.pk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d14d6bd1dda8fc305bcf2e7da7a14dd931581912257; expires=Wed, 18-Mar-20 04:04:17 GMT; path=/; domain=.express.com.pk; HttpOnly; SameSite=Lax
Cache-Control: public, max-age=7200
Vary: Accept-Encoding
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Frame-Options: deny
CF-Cache-Status: HIT
Age: 6053
Expires: Mon, 17 Feb 2020 06:04:17 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 5664e05c2a78d709-FRA
Content-Encoding: gzip

Redirect headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 17 Feb 2020 05:04:17 GMT
Location: https://www.express.com.pk/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5664e05bdf97dff3-FRA

GET
H/1.1 200
OK front-style.css
www.express.com.pk/css/ 6 KB
2 KB 12ms
11ms Stylesheet
text/css 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.com.pk/css/front-style.css?v=3

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

14612f3ed35e1c31b1784c6cfc0ba55727b4e41c3b35b7e12441197be121799e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 6052
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1931
Last-Modified: Fri, 22 Sep 2017 08:32:15 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "80913b4b7d33d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 5664e05c4a97d709-FRA
Expires: Mon, 17 Feb 2020 08:04:17 GMT

GET
H/1.1 200
OK twt.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 33ms
21ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/twt.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1fdea430c24da4baa4534585b722158cd4158fc27583b2057daa53df9ee62d4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
CF-Cache-Status: HIT
Age: 66908
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1482
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "acc8e7f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c5aaed709-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H/1.1 200
OK fb.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 31ms
18ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/fb.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e0aa3ab0c40d93b04a810b8fcd2b90be7d04cc2cc342c4bff2091072cb172697

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
CF-Cache-Status: HIT
Age: 157492
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1414
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "6ca96af14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c5806177a-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H/1.1 200
OK yt.png
www.express.com.pk/Images/frontpage/ 2 KB
2 KB 31ms
17ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/yt.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e14aa3e531eddc18b162b6c73d5617dd154f30cb141a5f62746092223f1a9b1f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
CF-Cache-Status: HIT
Age: 66833
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1575
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "dc3de8f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c5c7dd6d9-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H/1.1 200
OK share.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 31ms
16ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/share.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

73af7abce20397b5d04820a6d53b9e3cd876be79e2a48e96710220fb4f6a47d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
CF-Cache-Status: HIT
Age: 157492
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1478
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "6c68ddf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c6c46dfbb-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H/1.1 200
OK logo.png
www.express.com.pk/Images/frontpage/ 24 KB
24 KB 33ms
17ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/logo.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c0e7f35af9cbc4b0f438886831131cedf216e59f54a45fdcc8caceaecf3270b4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
CF-Cache-Status: HIT
Age: 67322
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 24426
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "3c1facf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c58e5d6c5-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H/1.1 200
OK lhr.png
www.express.com.pk/Images/frontpage/ 4 KB
4 KB 21ms
16ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/lhr.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f5edad836296371cf3e554be8498c70faa2383ca1dc53ddff01bd50b6facca07

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:17 GMT
CF-Cache-Status: HIT
Age: 66915
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 3679
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "6c9b96f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c6bee96bc-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H/1.1 200
OK 20200217-NP_LHE-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_LHE/20200217/ 15 KB
16 KB 47ms
12ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_LHE/20200217/20200217-NP_LHE-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

05e4698af5cf9e332cb9f9589e244f6da016fe14c56d6a4d4266f9be953ed53c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15586
Last-Modified: Sun, 16 Feb 2020 21:50:57 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "206c8c2b13e5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c993ad6c5-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK khi.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 59ms
13ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/khi.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0074816bcfbabac978270afd1358a34fe3d5b752ffae49ee897ea59b261e089c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66928
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4174
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "5c394f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05cacb2dfbb-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_KHI-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_KHI/20200217/ 17 KB
17 KB 59ms
10ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_KHI/20200217/20200217-NP_KHI-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ed6b455af142189b715e3c00c0ef34d735f7e71d35de982fe70cfc8365d7ec3b

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 17276
Last-Modified: Sun, 16 Feb 2020 21:10:56 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "c0585694de5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05ca95ad6c5-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK isl.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 36ms
10ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/isl.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3f2b53632d1d95a577276234fec15bc0e96c87b8d683763415c6d0fbc9d232c0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66916
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4164
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "ac28bf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c8cbad6d9-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_ISB-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_ISB/20200217/ 15 KB
16 KB 58ms
9ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_ISB/20200217/20200217-NP_ISB-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

21702d53123a71eba8912a72b8f710b22f447326643cb4edd475299f2cce088a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15365
Last-Modified: Sun, 16 Feb 2020 21:35:28 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "a027d7111e5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05ca86c177a-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK fsb.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 27ms
10ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/fsb.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

35cb4b9940825c4c2f7defefa13df5921724e9ab9788b639a4e2f0028ea5489a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66904
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4543
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "2c247bf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c7adbd709-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_FSB-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_FSB/20200217/ 15 KB
16 KB 34ms
19ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_FSB/20200217/20200217-NP_FSB-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7834e999a7e3ca7d37cee495e4e3a17dcd42569179a17965e5981763a40fc8a7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15570
Last-Modified: Sun, 16 Feb 2020 21:42:20 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "301072f711e5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c7833177a-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK grw.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 45ms
15ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/grw.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98721b450811b2fe2cddebae5ff4c5fd315b053642ae42fdb32c26fa667d4c0d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66904
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4245
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "5c2879f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c8c7fdfbb-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_GRW-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_GRW/20200217/ 14 KB
15 KB 60ms
11ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_GRW/20200217/20200217-NP_GRW-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4061a3292c2c0151996597e66380b2ad749d4a8b72413c4b1b11f250fcc1545a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 14735
Last-Modified: Sun, 16 Feb 2020 21:27:25 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "b04f7e1fe5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05cab1ad709-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK mltn.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 48ms
10ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/mltn.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

85a5dd64e656070599d0a96559978c3e6c25331c541d936c3173e8e859bce64f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 70129
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4130
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "9c9adf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c9b09d709-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_MUX-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_MUX/20200217/ 15 KB
16 KB 66ms
20ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_MUX/20200217/20200217-NP_MUX-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

fa0a5e87f4b8913261f961683b9e286375e277443c2baf32102790892a115f06

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15524
Last-Modified: Sun, 16 Feb 2020 21:08:57 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "d03a564dde5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05cac0696bc-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK pshwr.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 67ms
9ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/pshwr.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

50e938bcbaa5a719109d7f76b5f7b77839dce58ea0b083b7abf1b1f1d75dc51c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66903
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4141
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "fcabff14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05cb87e177a-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_PEW-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_PEW/20200217/ 17 KB
18 KB 47ms
10ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_PEW/20200217/20200217-NP_PEW-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

2d3e0717fcff112bb9d2e22c87952d276c1708972516fefcb81ad5f30e024fae

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 17456
Last-Modified: Sun, 16 Feb 2020 21:37:30 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "e08cb64a11e5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c9cd0d6d9-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK ryk.png
www.express.com.pk/Images/frontpage/ 5 KB
6 KB 35ms
12ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/ryk.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0a6e1708ce703ce5e43f81f4888e21d372575d629605a1d672c974c18005d41d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 157464
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 5327
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "ccffd6f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c8915d6c5-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_RYK-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_RYK/20200217/ 15 KB
16 KB 37ms
10ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_RYK/20200217/20200217-NP_RYK-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5a9f16cc5c1e3837291af09747c80676edf87a135f0c5d79e4e49aecbab51802

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15524
Last-Modified: Sun, 16 Feb 2020 21:13:04 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "805692e0de5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c8af0d709-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK sgd.png
www.express.com.pk/Images/frontpage/ 5 KB
5 KB 46ms
12ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/sgd.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

00a89d9cf75b9e410e7ac477b8f96f702b73d9c3707c043fa5701692609c91c5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66677
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4741
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "acb1d6f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c984f177a-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_SGD-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_SGD/20200217/ 15 KB
16 KB 45ms
10ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_SGD/20200217/20200217-NP_SGD-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d918a16850ee43518b56d0b15b433860316239442339f57675a749ff133b363d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15578
Last-Modified: Sun, 16 Feb 2020 21:23:41 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "f035a75cfe5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c9c0096bc-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK suk.png
www.express.com.pk/Images/frontpage/ 843 B
1 KB 69ms
10ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/suk.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0d502bb04e3c35ff0b4f87e34b31dea146ca502c5f0a39f0b783a9861e71ddde

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 67089
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 843
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "c60e1f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05cbcfad6d9-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_SUK-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_SUK/20200217/ 18 KB
18 KB 59ms
10ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_SUK/20200217/20200217-NP_SUK-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

bd20038fdd6b8b7cad6c1401e5807b8ac124725ec5dfea205bc45918ea7de778

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20477
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 18025
Last-Modified: Sun, 16 Feb 2020 21:15:58 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "40d72548ee5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05cace5d6d9-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK quta.png
www.express.com.pk/Images/frontpage/ 4 KB
4 KB 29ms
13ms Image
image/png 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/quta.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

af1b12436c3969e38b246c835981f84b9c17b891acf3ea82ee56e3b69be5fca9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 66908
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4020
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "3cbed0f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c7c5fdfbb-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H/1.1 200
OK 20200217-NP_QTA-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_QTA/20200217/ 17 KB
18 KB 26ms
10ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_QTA/20200217/20200217-NP_QTA-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

5caac7113e0f01e917ffa3dee3cbbb90bb98ba5f69355cbadb76dfb795bf5a67

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 20476
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 17750
Last-Modified: Sun, 16 Feb 2020 21:18:55 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "10f716b2ee5d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c7c9fd6d9-FRA
Expires: Wed, 19 Feb 2020 04:04:17 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "430 / 329 of 1000 / last-modified: 1581701607"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14535
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5445
date: Mon, 17 Feb 2020 02:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Mon, 17 Feb 2020 04:33:32 GMT

GET
H/1.1 200
OK front-bg.jpg
www.express.com.pk/Images/ 75 KB
75 KB 29ms
12ms Image
image/jpeg 2606:4700::6810:5655
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/front-bg.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:5655 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2ce356ce7c50209ad7f56eaaa3a3f0790b66ea8aa9f6cdd1c9c273c0769e22c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/css/front-style.css?v=3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Mon, 17 Feb 2020 04:04:18 GMT
CF-Cache-Status: HIT
Age: 157541
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 76693
Last-Modified: Sun, 30 Jul 2017 15:48:27 GMT
Server: cloudflare
X-Frame-Options: deny
ETag: "2c32da484b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 5664e05c7bf996bc-FRA
Expires: Wed, 19 Feb 2020 04:04:18 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 72ms
72ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1475204261&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.com.pk%2F&ul=en-us&de=UTF-8&dt=Daily%20Express%20Urdu%20Newspaper%20%7C%20Latest%20Pa...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=1232231929.1581912258&jid=859897421&_gid=1281464533.1581912258&gjid=2129515060&_v=j81&z=224866812

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=1232231929.1581912258&jid=859897421&_gid=1281464533.1581912258&gjid=2129515060&_v=j81&z=224866812

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Mon, 17 Feb 2020 04:04:18 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 17 Feb 2020 04:04:18 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=1232231929.1581912258&jid=859897421&_gid=1281464533.1581912258&gjid=2129515060&_v=j81&z=224866812
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
2 KB 292ms
292ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1177391103070267&correlator=2918374246855697&output=ldjh&impl=fifs&adsid=NT&eid=21062452%2C21062832%2C21065203%2C21065391%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200217&iu_parts=11952262%2Cexpresscompk-home-lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pos%3Datf&cust_params=site%3Dexpresscompk%26expresscompk_page%3Dhome%26device%3DDesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1581912258&dt=1581912258112&dlt=1581912257960&idt=137&frm=20&biw=1585&bih=1200&oid=3&adxs=308&adys=937&adks=3549282267&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.express.com.pk%2F&dssz=9&icsg=674&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x-1&msz=972x-1&ga_vid=1232231929.1581912258&ga_sid=1581912258&ga_hid=1475204261&fws=516&ohw=972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

ab7edde72f10cef0eab070885281a27be9f78bb22e5a02882bfde251c4a8f51a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1715
x-xss-protection: 0
google-lineitem-id: 4474154833
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138215481875
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
24 KB 72ms
72ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 5ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6831 0
0 73ms
73ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukeGhxxr1q6rrnDaQHPk7P3WcveJolNZqbUGEGlMDvbaexloPJsOAApZv20M_6SJh7fvOrFYdZh7oj2o2SBkjYMHKljrL05xVHsm98zQT63GAGTinhNO9YSPEqnjn29bIxbzsKK926EMyvfZSTrxG5eka8lvPn7ASDXRITf9AsFGq8oXhok5XjFXueI8wp36PvariGzumf5dYkHFo_JfieaSfqsWdt_udVP9Cu4wJQtXCjqV4ikGmLxV1y5XKIuLSa5zqU8sKjefjvdReK181J9XPV&sai=AMfl-YT3HgjDAblzWWSMfql3wuvMqb_tze7OtMHvZztXITVpsIa0E7BZMLRzMiCU-9FNfKzFmOx-HdWn1lX8kDAxjP1JEb2_r_HoBdb3k_skuQ&sig=Cg0ArKJSzDNpUyptihvmEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Mon, 17 Feb 2020 04:04:18 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 6831 43 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "430 / 646 of 1000 / last-modified: 1581701607"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14535
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6831 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27600
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1581337310261798"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27884
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53d6a3a4ece55879ea1d32f9164528b6667c7c2c8ad32e4ed63d4832275faaa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5207
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 21 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 pubads_impl_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6831 167 KB
61 KB 72ms
71ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62230
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 6831 113 B
178 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame DE9C 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.express.com.pk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.express.com.pk/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Mon, 17 Feb 2020 02:04:21 GMT
expires: Tue, 16 Feb 2021 02:04:21 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7197
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6831 35 KB
10 KB 300ms
299ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2100199037593023&correlator=974567577996323&output=ldjh&impl=fif&eid=21062833%2C21065304%2C21065305&vrg=2020013001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200217&iu=%2F229445249%2FDWTag-DFPNew_RS70_Expresscompk_Banner_728x90_311017&sz=728x90&eri=2&cookie=ID%3Ddc28bb50d40371df%3AT%3D1581912258%3AS%3DALNI_Ma4YM1J246O3CXFdfke7Rd13o-DKA&cdm=www.express.com.pk&bc=31&abxe=1&lmt=1581912258&dt=1581912258572&dlt=1581912258417&idt=150&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=1097&adk=1743388791&uci=n7arsah2mf2i&ifi=1&ifk=1555028292&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.express.com.pk%2F&top=https%3A%2F%2Fwww.express.com.pk%2F&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=1232231929.1581912258&ga_sid=1581912259&ga_hid=1911753861&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

b7f36461d0bc11606ce836f3963dd8fc2bd5c1dea0bae777f0d512621b23be9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10172
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020013001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 6831 66 KB
24 KB 73ms
73ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jan 2020 14:09:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24903
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 6831 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
69 B 14ms
13ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=1177391103070267&bg=!srGlsalYQHpH1IEprI4CAAAAM1IAAAAMmQFeulFCcfMsYqqfM2ugqLwSA4hhl1NAT8gCjRIwUYrPjd1FfYLf8wMEtU1edQUpc_40qdJ2Fj7N_FwyU-rR9MVbpuQabhbVde0upMQrrYhwNYN9HXqp15luukW_7hJUS62N8LIG8cIkUVyrwyuo9ch7GDZ_PrlABQUqoKUqKZahXQi_O3CFAXgkHUz-HqEPoX6TTMzhFhRF8nrJjOIO7tJhQj-gdyMt1r53OIEMsC3CEUzG9P3W_pI1fJFs89_yazsmPqlM0_hAxmhBDvv0Cr7iR7KoqrZ_q9LXXmbvoEPQNW_FPgNfSpU5nZtG8fLAhtdEoU1od3zf4hyEG0y4QCbTjr9r29aw4u0p1efhq2ETNc5NG1GlaPWiQdX749-EOLPG3nfaSRlyqbZ4pAN-PAA9c3_kUbMG1bHr-QpsATBgzbrOGyEhb5A7iEQvbd8RCSOJjHkGsz9vXc1jPS1pUAg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 04:04:18 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001281851410/ Frame 6831 20 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c64f16129178950ae198a21630de846ac0cef148890d92ca07ea212bc39834

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 20931
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7146
x-xss-protection: 0
server: sffe
date: Sun, 16 Feb 2020 22:15:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07f1c9366dde68a2"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Feb 2021 22:15:27 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012001281851410/ Frame 66CD 201 KB
55 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

083e70abc61231f062f9e884cbcfebf44d3b037acf0e5e7ee13cc13f2af4b877

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32314
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55761
x-xss-protection: 0
server: sffe
date: Sun, 16 Feb 2020 19:05:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42fd90c4a26735e9"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Feb 2021 19:05:44 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012001281851410/v0/ Frame 66CD 15 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6368c6eab420dd270dd53602b62f1c2a61b0ee2bda36d38771b750ae1e1c90

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106733
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5593
x-xss-protection: 0
server: sffe
date: Sat, 15 Feb 2020 22:25:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aa7eb294edd014c3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Feb 2021 22:25:25 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012001281851410/v0/ Frame 66CD 91 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7817d24fae48a7de4fbe7af59036b89f5878161d346948494dc40fb408ff83bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 32323
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27995
x-xss-protection: 0
server: sffe
date: Sun, 16 Feb 2020 19:05:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "36e3f5a5b317a234"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Feb 2021 19:05:35 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012001281851410/v0/ Frame 66CD 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f5e031d6755d3d5e90bef966097c568dacd3e83905f4f474ccc76b9b335293

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106736
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Sat, 15 Feb 2020 22:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1fa9dc6a9a4f200a"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Feb 2021 22:25:22 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012001281851410/v0/ Frame 66CD 46 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fefd977a8ac715eb04b55cc9eb25d11ae09e6e5b4a95791ba0a2ae51b7903387

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 106725
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14831
x-xss-protection: 0
server: sffe
date: Sat, 15 Feb 2020 22:25:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "111f1ad9a076d4e5"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Feb 2021 22:25:33 GMT

GET
H2 200 9563440837063070554
tpc.googlesyndication.com/simgad/ Frame 66CD 27 KB
27 KB 266ms
266ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9563440837063070554?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm3QHFBq9tURmu-Xh9Mqnl9QeuSOw

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e2dec6fb0ff619db77130b5c7aa15e8a55754ef1fd2832ecafc5f805bfc86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 04:04:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 28 Sep 2019 21:26:14 GMT
server: sffe
access-control-allow-origin: *
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27160
x-xss-protection: 0
expires: Tue, 16 Feb 2021 04:04:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 66CD 0
0 14ms
13ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9lyuX2tDVOVUykWE1n_UBjmcsxpNFFcwh87hHR9jERS3SpqOkPqaQP2bR8Ck8yveXv0wg
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 66CD 0
0 75ms
75ms Image
text/html 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy_FrwhBKXtfTJc3A7gPMkLKQDfnlyPpa67Dpqp4Ky96N5hQQASD5o4gwYLu-roPQCqAB6NqKuQPIAQKpAv05pXBZ47U-4AIAqAMByAMIqgTJAU_QxR5vYJEhhsvxAo1X34jeR1c8N9lU2SjPzQ4D6uI26Q9vwsy0V7xjWAswMdsFYSSFof7bOcQDzIwwgiDgKQrDfWCTundGdJNvFIf6t_eNykXDvL9WLBbxaed2z5rtsDyZUw7Y5qGSKyvOdGf9rpYYfxxrdzugmuiTeDO_UHgoogkkxxtWqfQ1xdGvb5j951Ad8ZrpC2vyMOn8uLsZi4PVKF2JMesLKMMFd4i7MGGVeUnlq2BtztpP09RZk-_iAlwifSw7D2HUTsAE-9KWo7oC4AQBkgUECAQYAZIFBAgFGASgBgKAB4Cl9UaoB47OG6gH1ckbqAeT2BuoB7oGqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOW3DtIICQiA4YBwEAEYHfIIG2FkeC1zdWJzeW4tODQwODgyNzUyMDU3MjE5OYAKA8gLAdgTAg&sigh=n-GB6zTzaL8&tpd=AGWhJmt02zVA5oLKsz1eo6yrwMwMaY9o4JSdCioZYznnaNJ74w
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s14-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6831 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020013001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bc71431aaad8bc59c9a105650e245d027a729cce0bec65e0dde7c8d71e35d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5142
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6831 21 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 04:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1580338855439378"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
expires: Mon, 17 Feb 2020 04:04:18 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012001281851410/ 20 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012001281851410/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020013001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94c64f16129178950ae198a21630de846ac0cef148890d92ca07ea212bc39834

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 20931
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7146
x-xss-protection: 0
server: sffe
date: Sun, 16 Feb 2020 22:15:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "07f1c9366dde68a2"
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Feb 2021 22:15:27 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 66CD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
15ms

Image
text/html

2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

Response headers

Redirect headers

date: Mon, 17 Feb 2020 04:04:18 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/206/ Frame F9A9 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/206/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/206/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.express.com.pk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.express.com.pk/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4624
date: Mon, 17 Feb 2020 02:04:21 GMT
expires: Tue, 16 Feb 2021 02:04:21 GMT
last-modified: Tue, 19 Nov 2019 17:13:16 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7197
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6831 0
60 B 16ms
16ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=206&t=2&li=gpt_2020013001&jk=2100199037593023&bg=!6Oul6_NYVL_ObpkyJe0CAAAANlIAAAAJmQFkZ2PRvlRX5SbPWixcu27skkou2w2rQsu02_h1SWY4TJmkg6noQ7RBBwdMsPfA0ioLTawv8ngb2GpFkTq27P2OzCX-t26sFGhAylOqJVVNoab_Zu40QRnlZbo6qCs8QRnbOl5uAc_noIazo6o7mHrsVAfbAlzCSkQZv8QamsMmwSc2W1NyIXYui9py6e7dvozJqayUzFnuU_osNuZGZvtkDWrL02X33EqtXZE3rrNRUFx0gKpWhcCEe0gAzzMhUpSqYEkHYPbv2enl5_K5zCLW0epYMWVj5DgcW92Nis3Weu_NuhwgwvlUKO9vLWGkI6pZpZeyhWDQw7Tnnxa8t-89W6ySDeRLGvpFi07zNZQaYXNRjA-hoJlRrhA8Yw6bcc9g9KYa_rhePUjBH2YzGk97jC_SoLARA0OYrUopxhKihLCFQb0vrE11ht_DYUikdc15JT-GGWveceMCPnpkhFAv6293LnU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 04:04:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6831 42 B
121 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqCTVbB6rKxliWVAtOKAzCoAhIMcR_A9gXNLsLV3DcibhBhL0l8h8gd4-x99rrXZz8Ur7ugJhaosc-IkF-tvM-lPkGvjWP1cNLuEwgV00&sig=Cg0ArKJSzClgv4TZNdbIEAE&adk=3549282267&tt=-1&bs=1585%2C1200&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&p=1097,429,1187,1157&mcvt=1014&rs=0&ht=0&tfs=108&tls=1122&mc=1&lte=0&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1581912258419&dlt&rpt=167&isd=0&msd=0&ext&xdi=0&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-4-11-11-0-0-0&tvt=1119&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 04:04:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 66CD 42 B
121 B 23ms
23ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVUu76n_eoRuhN6WWjmc6x8jTmIc6d32Z0vjmZ5hLn-NgIdt1Oqf380uRblgzQIgCiyRauYfzP_5f-Cr0H_49Klbe_mgfFhXBM4eiWXt0KCMsDmInSt2ry0NMePseFXPQhhBvdM7aM_7T96UkNRp8g&sai=AMfl-YShpIgZS7dhEAkHSex5sBbVR3qldzhcHQ9COholvDagonkodvsD50CERp7aY44Jyq0T7eCjkjDFQTLqo2wybqEsYTfdGaeUb2aFNTH5eFFSZmBgiLdbcLVXno5u&sig=Cg0ArKJSzLbu5NpopdfQEAE&cid=CAASPeRohXcqUrdVWupBOIE1SydTW3nU9fDwL9sqGM7h_4dVd_FxPzs8w0VcCSjv6MdRM0N8LsQoR7V267eipJo&id=ampim&o=429,1097&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=250&tls=1250&g=100&h=100&tt=1250&r=v&adk=1743388791&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 17 Feb 2020 04:04:20 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.express.com.pk/	1970-01-19 07:25:12	Name: _gat Value: 1
.express.com.pk/	1970-01-19 07:26:38	Name: _gid Value: GA1.3.1281464533.1581912258
.express.com.pk/	1970-01-20 00:56:24	Name: _ga Value: GA1.3.1232231929.1581912258
.express.com.pk/	1970-01-19 08:08:24	Name: __cfduid Value: d14d6bd1dda8fc305bcf2e7da7a14dd931581912257

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012001281851410/amp4ads-v0.js(Line 409) Message: Powered by AMP ⚡ HTML – Version 2001281851410 https://www.express.com.pk/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.express.com.pk
www.google-analytics.com
www.google.com
www.googletagservices.com
172.217.22.2
2606:4700::6810:5655
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2004
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9c
0074816bcfbabac978270afd1358a34fe3d5b752ffae49ee897ea59b261e089c
00a89d9cf75b9e410e7ac477b8f96f702b73d9c3707c043fa5701692609c91c5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05e4698af5cf9e332cb9f9589e244f6da016fe14c56d6a4d4266f9be953ed53c
06349254c3a3832ea81973863ce5873ab441c1b8006ee1cb553425d152fabf88
083e70abc61231f062f9e884cbcfebf44d3b037acf0e5e7ee13cc13f2af4b877
0a6e1708ce703ce5e43f81f4888e21d372575d629605a1d672c974c18005d41d
0d502bb04e3c35ff0b4f87e34b31dea146ca502c5f0a39f0b783a9861e71ddde
14612f3ed35e1c31b1784c6cfc0ba55727b4e41c3b35b7e12441197be121799e
21702d53123a71eba8912a72b8f710b22f447326643cb4edd475299f2cce088a
2bbe4d4e1a168926c878be73ce8e09b71e70f3823575de43e0623a4e2dfb609d
2d3e0717fcff112bb9d2e22c87952d276c1708972516fefcb81ad5f30e024fae
33f5e031d6755d3d5e90bef966097c568dacd3e83905f4f474ccc76b9b335293
35cb4b9940825c4c2f7defefa13df5921724e9ab9788b639a4e2f0028ea5489a
3f2b53632d1d95a577276234fec15bc0e96c87b8d683763415c6d0fbc9d232c0
4061a3292c2c0151996597e66380b2ad749d4a8b72413c4b1b11f250fcc1545a
50e938bcbaa5a719109d7f76b5f7b77839dce58ea0b083b7abf1b1f1d75dc51c
53d6a3a4ece55879ea1d32f9164528b6667c7c2c8ad32e4ed63d4832275faaa4
59e2dec6fb0ff619db77130b5c7aa15e8a55754ef1fd2832ecafc5f805bfc86c
5a9f16cc5c1e3837291af09747c80676edf87a135f0c5d79e4e49aecbab51802
5caac7113e0f01e917ffa3dee3cbbb90bb98ba5f69355cbadb76dfb795bf5a67
73af7abce20397b5d04820a6d53b9e3cd876be79e2a48e96710220fb4f6a47d5
7817d24fae48a7de4fbe7af59036b89f5878161d346948494dc40fb408ff83bd
7834e999a7e3ca7d37cee495e4e3a17dcd42569179a17965e5981763a40fc8a7
7bc71431aaad8bc59c9a105650e245d027a729cce0bec65e0dde7c8d71e35d14
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a5dd64e656070599d0a96559978c3e6c25331c541d936c3173e8e859bce64f
94c64f16129178950ae198a21630de846ac0cef148890d92ca07ea212bc39834
98338d687e5f0016e85ba80b4de3c9c887e4dd4eb9ea5ac225ef1de42d149eb3
98721b450811b2fe2cddebae5ff4c5fd315b053642ae42fdb32c26fa667d4c0d
9d6368c6eab420dd270dd53602b62f1c2a61b0ee2bda36d38771b750ae1e1c90
9d6757384f86ea93a46cf05a185da797dd19a39053a0cc6e64759598f2bc05c0
ab7edde72f10cef0eab070885281a27be9f78bb22e5a02882bfde251c4a8f51a
af1b12436c3969e38b246c835981f84b9c17b891acf3ea82ee56e3b69be5fca9
b2ce356ce7c50209ad7f56eaaa3a3f0790b66ea8aa9f6cdd1c9c273c0769e22c
b7f36461d0bc11606ce836f3963dd8fc2bd5c1dea0bae777f0d512621b23be9b
bd20038fdd6b8b7cad6c1401e5807b8ac124725ec5dfea205bc45918ea7de778
c0e7f35af9cbc4b0f438886831131cedf216e59f54a45fdcc8caceaecf3270b4
d0fc6cdec3806219d72916e654ec8c6c022274637fd9ed9fef46aa5c9e41db18
d918a16850ee43518b56d0b15b433860316239442339f57675a749ff133b363d
da5938edc872a3bb592689c64b4e09e5dad48fe5f280fc714636a0c405bcc0a4
e0aa3ab0c40d93b04a810b8fcd2b90be7d04cc2cc342c4bff2091072cb172697
e14aa3e531eddc18b162b6c73d5617dd154f30cb141a5f62746092223f1a9b1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebe54c2b4cdb3fc0bd7bd45b2ce574428f0e970bdd1e9395f50916bce1628cc6
ed6b455af142189b715e3c00c0ef34d735f7e71d35de982fe70cfc8365d7ec3b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fdea430c24da4baa4534585b722158cd4158fc27583b2057daa53df9ee62d4
f5edad836296371cf3e554be8498c70faa2383ca1dc53ddff01bd50b6facca07
fa0a5e87f4b8913261f961683b9e286375e277443c2baf32102790892a115f06
fefd977a8ac715eb04b55cc9eb25d11ae09e6e5b4a95791ba0a2ae51b7903387

www.express.com.pk Open in urlscan Pro 2606:4700::6810:5655 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

92 %IPv6

8 Domains

12 Subdomains

12 IPs

3 Countries

798 kBTransfer

1601 kBSize

4 Cookies

9 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.express.com.pk Open in urlscan Pro
2606:4700::6810:5655 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

92 %
IPv6

8
Domains

12
Subdomains

12
IPs

3
Countries

798 kB
Transfer

1601 kB
Size

4
Cookies

69 HTTP transactions
0 data transactions