www.express.com.pk Open in urlscan Pro
2606:4700::6812:8843 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.express.com.pk/
Submission: On November 30 via api (November 30th 2019, 4:52:05 pm UTC) from CZ

Summary HTTP 74 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 12 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6812:8843, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.express.com.pk.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 28th 2019. Valid for: 6 months.

This is the only time www.express.com.pk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700::68... 2606:4700::6812:8843	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
12	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
13	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	2.19.38.84 2.19.38.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	69.173.144.155 69.173.144.155	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.190.72.161 35.190.72.161	15169 (GOOGLE) (GOOGLE - Google LLC)
1 4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2607:f8b0:400... 2607:f8b0:4002:c09::5e	15169 (GOOGLE) (GOOGLE - Google LLC)
74	17

30 2606:4700::6812:8843 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.express.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.38.84 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-84.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.155 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.72.161 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 161.72.190.35.bc.googleusercontent.com

fqtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

uk-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c09::5e (United States)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	express.com.pk www.express.com.pk	346 KB
14	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	276 KB
9	googletagservices.com www.googletagservices.com	218 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	330 B
4	openx.net 1 redirects uk-ads.openx.net eu-u.openx.net	18 KB
4	rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu2.rubiconproject.com eus.rubiconproject.com	10 KB
3	google.de adservice.google.de	1 KB
2	adnxs.com 1 redirects secure.adnxs.com	886 B
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	gstatic.com csi.gstatic.com	304 B
1	fqtag.com fqtag.com
1	google.com adservice.google.com	323 B
74	12

	Domain	Requested by
30	www.express.com.pk	www.express.com.pk securepubads.g.doubleclick.net
13	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.express.com.pk
9	www.googletagservices.com	www.express.com.pk securepubads.g.doubleclick.net optimized-by.rubiconproject.com
3	pagead2.googlesyndication.com
3	uk-ads.openx.net	1 redirects securepubads.g.doubleclick.net www.express.com.pk
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.de	www.googletagservices.com
2	secure.adnxs.com	1 redirects www.express.com.pk
2	www.google-analytics.com	1 redirects www.express.com.pk
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	eu-u.openx.net	uk-ads.openx.net
1	fqtag.com	www.express.com.pk
1	eus.rubiconproject.com	www.express.com.pk
1	beacon-eu2.rubiconproject.com	www.express.com.pk
1	optimized-by.rubiconproject.com	ads.rubiconproject.com
1	ads.rubiconproject.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.express.com.pk
1	adservice.google.com	www.googletagservices.com
74	18

This site contains links to these domains. Also see Links.

Domain
www.express.pk
tribune.com.pk
express.com.pk
live.express.pk
twitter.com
www.facebook.com
www.youtube.com
www.addthis.com

Subject Issuer	Validity	Valid
ssl462699.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-28` - `2020-01-04`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.fqtag.com Let's Encrypt Authority X3	`2019-10-15` - `2020-01-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.express.com.pk/
Frame ID: FFE8C6ED8D12FD289622150C51EA122F
Requests: 40 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVBG6nJF4Tzy8-wtR4hT1hmZXj6goW6DVXkH_xkRQxC-yJylYj7HYr69TEGmVyzMMxWsO-VI-QZQ3La7gzxGu8-yQFvwIao7Bz-euP3MPcaP5zkXptrNpdZ5-rWGtCReuB_N55TXKDV1YrQbgtLtUyLNU1MWmnQ_2uR0HtmNscX6rlzQ5l8rvVnOv2QNplZG7hrW_C3xy3ltBpb5raOzZM7hYAFlcki3gu0SVTxDneeIEPk-x0AVqr0lPThjRhfPB5Jr0h4IpCwKG4g-FC34e-kdM9&sai=AMfl-YS2iUWJgEcJ3JwU0nvUZoJA7km_aYXdSbr-S9G43PrVW9Q-9n1GM8rO6HPLCGes4aHA13f-NjiID8L4BlSEAsIeK35iOpgIR9CbO5_y1Q&sig=Cg0ArKJSzE3vZTbrq8poEAE&urlfix=1&adurl=
Frame ID: 060E337C591FB79B8CB3C3AA918317D7
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsushOtWt7xI1Pbc6AZlpgSIKnpNgwWJbpo1j9CZJr6QNy6iJ3D9HSTohzgLRBsq2B57Q96xr1XoE8wu0Wd_71tPhY1Xdj9lTBwg-PV-EEQviWvWqTL7dwBXfqaLRvtL9_2fd4EOMrIjohCLRIvutnTvF6Ckl8y-qDDLyw__EV1hLmQIcC6GWtxD-zl2W5Gh5GZtoVaVj5ydHTqBkD31ujXBVBUechJ5ENWZg1t51Mso0CA464_TIjdS0nJpLFlHdJW1ChAJlqNfRZP2f_cSLExYyztT9UK1JhdQEDznHpRC7GoGbsHif4PYJ_dWZibtdEdDtF4&sig=Cg0ArKJSzLmGSAhi00ySEAE&urlfix=1&adurl=
Frame ID: 3FB9179F8A794475575CBFD45459B67B
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 44E6B6AACC6D8290E169851149EDB78A
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucwKokkNmems26PePT1PhYQi5YenFVxXKBsM6YPAdlQrRkR1NeUEScg-Ep8yJemiNiWzzF0zhOvhMgBfvOndCNELXvb4_pwREo1KZuhv1gcE22A8FvMV30IdX8VYi6XUqPcTdX9zZ6tKJDVT0_-0_dTXbwmr3sYCutFYsX-rHL-lQDrGst7x2uqBCjISOlTzwW8EylvAKi1RQZlcFtxkFcaejj-_ShBxSBDJKo6aXPM74ItBc8MyKMhSL8hokDAenVYQgChCSiesyCwsm2d7_n04pSuZDP_af86br_SIeTwGKmM4v9e8Iqek8SmXPhzUWMQqBKrH4&sig=Cg0ArKJSzHUz-Sir_3QrEAE&urlfix=1&adurl=
Frame ID: 564D9C7A4C9045ECFEBECE89B9DA86DB
Requests: 9 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=50ab0170-10fc-4aec-b816-8e01043433e7
Frame ID: E6F74640B37E7950116164D072A836A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

74
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

18
Subdomains

17
IPs

5
Countries

888 kB
Transfer

1813 kB
Size

4
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.express.pk/
Title: DAILY EXPRESS

Search URL Search Domain Scan URL

URL: https://tribune.com.pk/
Title: THE EXPRESS TRIBUNE

Search URL Search Domain Scan URL

URL: https://express.com.pk/epaper/
Title: URDE E-PAPER

Search URL Search Domain Scan URL

URL: https://tribune.com.pk/epaper/
Title: ENGLISH E-PAPER

Search URL Search Domain Scan URL

URL: https://live.express.pk/
Title: WATCH EXPRESS NEWS LIVE

Search URL Search Domain Scan URL

URL: https://twitter.com/Roznama_Express

Search URL Search Domain Scan URL

URL: https://www.facebook.com/expressnewspk

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ExpressnewsOnline247

Search URL Search Domain Scan URL

URL: http://www.addthis.com/bookmark.php?v=250&pub=express

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=910425000&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.com.pk%2F&ul=en-us&de=UTF-8&dt=Daily%20Express%20Urdu%20Newspaper%20%7C%20Latest%20Pakistan%20News%20%7C%20Breaking%20News&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAEAB~&jid=1079424883&gjid=1528295593&cid=407090447.1575132709&tid=UA-10383371-1&_gid=1099476974.1575132709&_r=1&z=700106341 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=407090447.1575132709&jid=1079424883&_gid=1099476974.1575132709&gjid=1528295593&_v=j79&z=700106341

Request Chain 49

https://secure.adnxs.com/seg?add=5639373&t=2 HTTP 302
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2

Request Chain 68

https://uk-ads.openx.net/w/1.0/acj?ai=21aea271-e735-45f9-ad1b-26228001d5f1&o=5779467988&callback=OX_5779467988&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=21aea271-e735-45f9-ad1b-26228001d5f1&o=5779467988&callback=OX_5779467988&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1

74 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.express.com.pk/ 13 KB
4 KB 624ms
551ms Document
text/html 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

620a4f4a3c913a009f1306314145e9f934dd89c86c79a79569de11de2069c1c9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Host: www.express.com.pk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dd92e741de4cdd0f97b8625b87cd05a4b1575132708; expires=Mon, 30-Dec-19 16:51:48 GMT; path=/; domain=.express.com.pk; HttpOnly
Cache-Control: public, max-age=7200
Vary: Accept-Encoding
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
X-Frame-Options: deny
CF-Cache-Status: EXPIRED
Expires: Sat, 30 Nov 2019 18:51:48 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
CF-RAY: 53de5401ac538cb6-VIE
Content-Encoding: gzip

GET
H/1.1 200
OK front-style.css
www.express.com.pk/css/ 6 KB
3 KB 434ms
434ms Stylesheet
text/css 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.express.com.pk/css/front-style.css?v=3

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

14612f3ed35e1c31b1784c6cfc0ba55727b4e41c3b35b7e12441197be121799e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: REVALIDATED
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 2345
Last-Modified: Fri, 22 Sep 2017 08:32:15 GMT
Server: cloudflare
ETag: "90378f4b7d33d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
CF-RAY: 53de54052e9c8cb6-VIE
Expires: Sat, 30 Nov 2019 20:51:49 GMT

GET
H/1.1 200
OK twt.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 58ms
28ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/twt.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f1fdea430c24da4baa4534585b722158cd4158fc27583b2057daa53df9ee62d4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144718
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1482
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "acc8e7f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de540558348cb0-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK fb.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 63ms
32ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/fb.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e0aa3ab0c40d93b04a810b8fcd2b90be7d04cc2cc342c4bff2091072cb172697

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144300
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1414
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "6ca96af14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de540558e48c7a-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK yt.png
www.express.com.pk/Images/frontpage/ 2 KB
2 KB 73ms
42ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/yt.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e14aa3e531eddc18b162b6c73d5617dd154f30cb141a5f62746092223f1a9b1f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144300
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1575
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "dc3de8f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54055ecacbb8-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK share.png
www.express.com.pk/Images/frontpage/ 1 KB
2 KB 56ms
24ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/share.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

73af7abce20397b5d04820a6d53b9e3cd876be79e2a48e96710220fb4f6a47d5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144300
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 1478
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "6c68ddf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54055da48cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK logo.png
www.express.com.pk/Images/frontpage/ 24 KB
24 KB 66ms
29ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/logo.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

c0e7f35af9cbc4b0f438886831131cedf216e59f54a45fdcc8caceaecf3270b4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 8165
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 24426
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "3c1facf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54056ee259fa-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK lhr.png
www.express.com.pk/Images/frontpage/ 4 KB
4 KB 18ms
18ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/lhr.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

f5edad836296371cf3e554be8498c70faa2383ca1dc53ddff01bd50b6facca07

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144716
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 3679
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "6c9b96f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54058db78cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_LHE-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_LHE/20191130/ 16 KB
17 KB 23ms
22ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_LHE/20191130/20191130-NP_LHE-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

a8620383e5d1fe72b46db53fa1eadbe1733824f5d272ff610c3ecea7fc0b256c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64089
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16404
Last-Modified: Fri, 29 Nov 2019 22:20:52 GMT
Server: cloudflare
ETag: "03a84423a7d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405885e8cb0-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK khi.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 23ms
23ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/khi.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0074816bcfbabac978270afd1358a34fe3d5b752ffae49ee897ea59b261e089c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144713
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4174
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "5c394f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de540589088c7a-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_KHI-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_KHI/20191130/ 16 KB
17 KB 24ms
24ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_KHI/20191130/20191130-NP_KHI-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b74aafce4ac7a28f00102df7c3b40b42dbdc2c655ca1e064182cc250ff4fc89f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64089
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16467
Last-Modified: Fri, 29 Nov 2019 21:19:38 GMT
Server: cloudflare
ETag: "051a4b4faa6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54059f0059fa-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK isl.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 19ms
19ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/isl.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

3f2b53632d1d95a577276234fec15bc0e96c87b8d683763415c6d0fbc9d232c0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144713
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4164
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "ac28bf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54059f6ccbb8-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_ISB-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_ISB/20191130/ 16 KB
17 KB 20ms
20ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_ISB/20191130/20191130-NP_ISB-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

ffbf6bd74bc379ae02383ea3406d288b18a073cf8fb9b653d2fda86c83896c32

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16465
Last-Modified: Fri, 29 Nov 2019 21:42:46 GMT
Server: cloudflare
ETag: "04ff4effda6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405adc68cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK fsb.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 20ms
20ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/fsb.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

35cb4b9940825c4c2f7defefa13df5921724e9ab9788b639a4e2f0028ea5489a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 21155
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4543
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "2c247bf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405a87f8cb0-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_FSB-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_FSB/20191130/ 16 KB
17 KB 19ms
19ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_FSB/20191130/20191130-NP_FSB-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

e3f8046ec82b186eb95724c4a1f7b227b6e41d75ce31e6c1a67283afb830c861

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16883
Last-Modified: Fri, 29 Nov 2019 22:10:44 GMT
Server: cloudflare
ETag: "0ca1ed81a7d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405b9278c7a-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK grw.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 21ms
20ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/grw.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

98721b450811b2fe2cddebae5ff4c5fd315b053642ae42fdb32c26fa667d4c0d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144709
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4245
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "5c2879f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405bf1759fa-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_GRW-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_GRW/20191130/ 15 KB
16 KB 19ms
19ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_GRW/20191130/20191130-NP_GRW-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cf71e456450d05b4a975276cc1a502c00e8c563aec7b001e2fada9eb7c38586c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15757
Last-Modified: Fri, 29 Nov 2019 21:33:10 GMT
Server: cloudflare
ETag: "0afa198fca6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405bfcbcbb8-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK mltn.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 18ms
18ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/mltn.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

85a5dd64e656070599d0a96559978c3e6c25331c541d936c3173e8e859bce64f

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144300
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4130
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "9c9adf14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405cde88cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_MUX-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_MUX/20191130/ 16 KB
17 KB 65ms
64ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_MUX/20191130/20191130-NP_MUX-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8e2e350878a9351d6b66bd6a92bfd7a40ff2d7fbf585e414908f3719c11f8e79

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16675
Last-Modified: Fri, 29 Nov 2019 21:56:40 GMT
Server: cloudflare
ETag: "09cee1ffa6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405c8948cb0-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK pshwr.png
www.express.com.pk/Images/frontpage/ 4 KB
5 KB 25ms
24ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/pshwr.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

50e938bcbaa5a719109d7f76b5f7b77839dce58ea0b083b7abf1b1f1d75dc51c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144713
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4141
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "fcabff14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405d94e8c7a-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_PEW-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_PEW/20191130/ 15 KB
15 KB 19ms
18ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_PEW/20191130/20191130-NP_PEW-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

4b7d4b8122d0255f1accee4c45aa4f5d37dd5b86e231a86305b381bb6bfd4f5e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64089
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 15248
Last-Modified: Fri, 29 Nov 2019 22:04:36 GMT
Server: cloudflare
ETag: "072c6fc0a7d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405d829cbb8-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK ryk.png
www.express.com.pk/Images/frontpage/ 5 KB
6 KB 18ms
17ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/ryk.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0a6e1708ce703ce5e43f81f4888e21d372575d629605a1d672c974c18005d41d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144709
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 5327
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "ccffd6f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405df2859fa-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_RYK-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_RYK/20191130/ 17 KB
17 KB 18ms
18ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_RYK/20191130/20191130-NP_RYK-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

cbc9f581d4f5f8fefa6ab163b1943329e3b4020c5ffb2ca18c9b242b8ff9b280

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16921
Last-Modified: Fri, 29 Nov 2019 21:48:12 GMT
Server: cloudflare
ETag: "0f643b2fea6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405de108cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK sgd.png
www.express.com.pk/Images/frontpage/ 5 KB
5 KB 33ms
33ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/sgd.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

00a89d9cf75b9e410e7ac477b8f96f702b73d9c3707c043fa5701692609c91c5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144716
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4741
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "acb1d6f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405ff3c59fa-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_SGD-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_SGD/20191130/ 16 KB
16 KB 42ms
42ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_SGD/20191130/20191130-NP_SGD-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

da629c5383955fd1b91084f58ced49f32f013dfd90f98405bf528b326211caf0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16032
Last-Modified: Fri, 29 Nov 2019 21:29:00 GMT
Server: cloudflare
ETag: "0b69e3fca6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405f9688c7a-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK suk.png
www.express.com.pk/Images/frontpage/ 843 B
1 KB 20ms
20ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/suk.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

0d502bb04e3c35ff0b4f87e34b31dea146ca502c5f0a39f0b783a9861e71ddde

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144712
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 843
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "c60e1f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405f87ccbb8-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_SUK-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_SUK/20191130/ 16 KB
17 KB 20ms
19ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_SUK/20191130/20191130-NP_SUK-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

63756f9775827402397204aca2e7387a9fc80c604df72397a9643a102cff12ac

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16540
Last-Modified: Fri, 29 Nov 2019 22:01:06 GMT
Server: cloudflare
ETag: "0fd9a7f0a7d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de5405fe2e8cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK quta.png
www.express.com.pk/Images/frontpage/ 4 KB
4 KB 21ms
21ms Image
image/png 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/frontpage/quta.png

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

af1b12436c3969e38b246c835981f84b9c17b891acf3ea82ee56e3b69be5fca9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144713
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 4020
Last-Modified: Sun, 30 Jul 2017 15:53:10 GMT
Server: cloudflare
ETag: "3cbed0f14b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de540618d1cbb8-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H/1.1 200
OK 20191130-NP_QTA-Front_Page_1-thumb.jpg
www.express.com.pk/Images/NP_QTA/20191130/ 16 KB
17 KB 18ms
18ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/NP_QTA/20191130/20191130-NP_QTA-Front_Page_1-thumb.jpg

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

d5c0a38fe45af3ddbc4503eb57a22539484d030cf7b1ae5cc40eb51e67a2a9f1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:48 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 64088
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 16638
Last-Modified: Fri, 29 Nov 2019 21:51:32 GMT
Server: cloudflare
ETag: "08a7929ffa6d51:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de54061e558cc2-VIE
Expires: Mon, 02 Dec 2019 16:51:48 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 51 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f39f343e54ceca709e31ef90afc42e5388bd34a8693ab98d15d65f7b1575d079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "352 / 197 of 1000 / last-modified: 1574960877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15686
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:48 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
778 B 38ms
17ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
323 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ 159 KB
59 KB 52ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59620
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:48 GMT

GET
H/1.1 200
OK front-bg.jpg
www.express.com.pk/Images/ 75 KB
75 KB 19ms
18ms Image
image/jpeg 2606:4700::6812:8843
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.express.com.pk/Images/front-bg.jpg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:8843 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

b2ce356ce7c50209ad7f56eaaa3a3f0790b66ea8aa9f6cdd1c9c273c0769e22c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Referer: https://www.express.com.pk/css/front-style.css?v=3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:49 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 144712
X-Powered-By: ASP.NET
Connection: keep-alive
Content-Length: 76693
Last-Modified: Sun, 30 Jul 2017 15:48:27 GMT
Server: cloudflare
ETag: "2c32da484b9d31:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
X-Frame-Options: deny
Content-Type: image/jpeg
Cache-Control: public, max-age=172800
Accept-Ranges: bytes
CF-RAY: 53de540808298cb6-VIE
Expires: Mon, 02 Dec 2019 16:51:49 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 302ms
302ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=922935384451789&correlator=1190263525687493&output=ldjh&impl=fifs&adsid=NT&eid=21062452%2C21063637%2C21064169&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191130&iu_parts=11952262%2Cexpresscompk-home-lb&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pos%3Datf&cust_params=site%3Dexpresscompk%26expresscompk_page%3Dhome%26device%3DDesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1575132709&dt=1575132709126&dlt=1575132708655&idt=125&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3549282267&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.express.com.pk%2F&dssz=7&icsg=170&std=0&csl=108&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x-1&msz=972x-1&ga_vid=407090447.1575132709&ga_sid=1575132709&ga_hid=910425000&fws=644&ohw=972

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c22de84cdfbb8aaabae52aed16e12f1ce5cca9745e54084177e398010dc7cdd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2090
x-xss-protection: 0
google-lineitem-id: 4474154833
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138215481875
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ 65 KB
25 KB 40ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25219
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1092
date: Sat, 30 Nov 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 30 Nov 2019 18:33:37 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=910425000&t=pageview&_s=1&dl=https%3A%2F%2Fwww.express.com.pk%2F&ul=en-us&de=UTF-8&dt=Daily%20Express%20Urdu%20Newspaper%20%7C%20Latest%20Pak...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=407090447.1575132709&jid=1079424883&_gid=1099476974.1575132709&gjid=1528295593&_v=j79&z=700106341

35 B
102 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c08::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=407090447.1575132709&jid=1079424883&_gid=1099476974.1575132709&gjid=1528295593&_v=j79&z=700106341

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sat, 30 Nov 2019 16:51:49 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10383371-1&cid=407090447.1575132709&jid=1079424883&_gid=1099476974.1575132709&gjid=1528295593&_v=j79&z=700106341
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 060E 0
0 18ms
17ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVBG6nJF4Tzy8-wtR4hT1hmZXj6goW6DVXkH_xkRQxC-yJylYj7HYr69TEGmVyzMMxWsO-VI-QZQ3La7gzxGu8-yQFvwIao7Bz-euP3MPcaP5zkXptrNpdZ5-rWGtCReuB_N55TXKDV1YrQbgtLtUyLNU1MWmnQ_2uR0HtmNscX6rlzQ5l8rvVnOv2QNplZG7hrW_C3xy3ltBpb5raOzZM7hYAFlcki3gu0SVTxDneeIEPk-x0AVqr0lPThjRhfPB5Jr0h4IpCwKG4g-FC34e-kdM9&sai=AMfl-YS2iUWJgEcJ3JwU0nvUZoJA7km_aYXdSbr-S9G43PrVW9Q-9n1GM8rO6HPLCGes4aHA13f-NjiID8L4BlSEAsIeK35iOpgIR9CbO5_y1Q&sig=Cg0ArKJSzE3vZTbrq8poEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Nov 2019 16:51:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 060E 51 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

77286fc798231f53e7c7522d9e6b5ed9216d231867a78d9b9e28ea4a453d163f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "352 / 1 of 1000 / last-modified: 1574960877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15678
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 060E 76 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29138
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 pubads_impl_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 060E 159 KB
58 KB 40ms
40ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59620
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 060E 113 B
178 B 14ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 060E 4 KB
2 KB 297ms
297ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=472270402397882&correlator=2726335665570111&output=ldjh&impl=fif&eid=21062833%2C21063635%2C21065098%2C22316437&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191130&iu=%2F229445249%2FDWTag-DFPNew_RS70_Expresscompk_Banner_728x90_311017&sz=728x90&eri=2&cookie=ID%3Dd7a0f683c24489d6%3AT%3D1575132709%3AS%3DALNI_MZQLfghCCJ2WgQA3G1k8B0fRni4hA&cdm=www.express.com.pk&bc=31&abxe=1&lmt=1575132709&dt=1575132709547&dlt=1575132709439&idt=102&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=1097&adk=1743388791&uci=xd69zz354pm3&ifi=1&ifk=1555028292&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.express.com.pk%2F&top=https%3A%2F%2Fwww.express.com.pk%2F&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=407090447.1575132709&ga_sid=1575132710&ga_hid=1843490336&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ac8724d13afcc364b6d960e48b8527f6938969ec78284730b24ead7cc09b25f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2206
x-xss-protection: 0
google-lineitem-id: 4474657130
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234335411
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 060E 65 KB
25 KB 39ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25219
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 060E 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 060E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a6b165ff09e494a2d622ac8f1b427459420d64a3e4706e478e6b21b33af360f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FB9 0
0 19ms
18ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsushOtWt7xI1Pbc6AZlpgSIKnpNgwWJbpo1j9CZJr6QNy6iJ3D9HSTohzgLRBsq2B57Q96xr1XoE8wu0Wd_71tPhY1Xdj9lTBwg-PV-EEQviWvWqTL7dwBXfqaLRvtL9_2fd4EOMrIjohCLRIvutnTvF6Ckl8y-qDDLyw__EV1hLmQIcC6GWtxD-zl2W5Gh5GZtoVaVj5ydHTqBkD31ujXBVBUechJ5ENWZg1t51Mso0CA464_TIjdS0nJpLFlHdJW1ChAJlqNfRZP2f_cSLExYyztT9UK1JhdQEDznHpRC7GoGbsHif4PYJ_dWZibtdEdDtF4&sig=Cg0ArKJSzLmGSAhi00ySEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Nov 2019 16:51:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 3FB9
Redirect Chain

https://secure.adnxs.com/seg?add=5639373&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2

43 B
0

7ms
6ms

Fetch
image/gif

37.252.173.38
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 16:51:51 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.26:80
AN-X-Request-Uuid: 2a664cdc-3934-48d1-bbbc-4aae603fb668
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 16:51:51 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.199:80
AN-X-Request-Uuid: 13d244f4-878e-4179-a43b-e1bca9ce170b
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5639373%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 13732.js Show response
ads.rubiconproject.com/ad/ Frame 3FB9 26 KB
8 KB 28ms
10ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/13732.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 30 Nov 2019 16:51:49 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2362
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Sat, 30 Nov 2019 17:31:11 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FB9 76 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29138
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 060E 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:49 GMT

GET
H/1.1 200
OK 761730-2.js Show response
optimized-by.rubiconproject.com/a/13732/65446/ Frame 3FB9 2 KB
2 KB 118ms
82ms Script
text/javascript 69.173.144.143
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/13732/65446/761730-2.js?&cb=0.2073779480713065&tk_st=1&rf=https%3A//www.express.com.pk/&tk_sf=1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=65446_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/13732.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 01a41bb93acbadb81835a1c2297e835ea6690e25bd2a790acb7099582a3723be

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 16:51:49 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=5, max=420
Content-Length: 912
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3FB9 51 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/13732/65446/761730-2.js?&cb=0.2073779480713065&tk_st=1&rf=https%3A//www.express.com.pk/&tk_sf=1&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=65446_2&rp_secure=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f39f343e54ceca709e31ef90afc42e5388bd34a8693ab98d15d65f7b1575d079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "352 / 142 of 1000 / last-modified: 1574960877"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15686
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:50 GMT

GET
H/1.1 200
OK aba7c83a-1d77-4d50-82f6-68be23f852b5
beacon-eu2.rubiconproject.com/beacon/d/ Frame 3FB9 43 B
268 B 53ms
18ms Image
image/webp 69.173.144.155
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu2.rubiconproject.com/beacon/d/aba7c83a-1d77-4d50-82f6-68be23f852b5?oo=0&accountId=13732&siteId=65446&zoneId=761730&sizeId=2&e=6A1E40E384DA563B7203CE6F837CA466E8408707CE019E72FBE53A4D6C1B2928A76435F5A59E64FCC7222392E6EA3F10172DB22D3B21A9B59E4F0712C21921B80D21AD16521E6D25733E34163CF33661AC237D6FA0EBFC9A6240B348FC26EBCFA393F7BBDBCC4665323EEACE10B2D444A77122FAF46C202683009FDB9DE7981633F8630F2FDB6069
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.155 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 30 Nov 2019 16:51:49 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 pubads_impl_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3FB9 159 KB
58 KB 38ms
38ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 59620
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:50 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 3FB9 113 B
175 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.express.com.pk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3FB9 6 KB
3 KB 50ms
49ms XHR
text/plain 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2264319618879586&correlator=1384720130941315&output=ldjh&impl=fif&eid=21063145&vrg=2019111801&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-36&ecs=20191130&iu=%2F229445249%2FDWTag-DFPNew_PB_RS70_Expresscompk_Banner_728x90_311017&sz=728x90&eri=2&cookie=ID%3Dd7a0f683c24489d6%3AT%3D1575132709%3AS%3DALNI_MZQLfghCCJ2WgQA3G1k8B0fRni4hA&cdm=www.express.com.pk&bc=31&abxe=1&lmt=1575132710&dt=1575132710104&dlt=1575132709849&idt=251&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=429&ady=1097&adk=3673565872&uci=7nx7xreek9tq&ifi=1&ifk=2488504456&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fwww.express.com.pk%2F&top=https%3A%2F%2Fwww.express.com.pk%2F&dssz=11&icsg=90&mso=1&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&ga_vid=407090447.1575132709&ga_sid=1575132710&ga_hid=88560898&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

bf059e0b182ad76f6dc2398e1cc70a65bdabd107111d6092803dc2ab5314002d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3098
x-xss-protection: 0
google-lineitem-id: 5156105652
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138235274727
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.express.com.pk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019111801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3FB9 65 KB
25 KB 39ms
39ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

sffe /

Resource Hash

23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 18 Nov 2019 14:07:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25219
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:50 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-36/html/ Frame 3FB9 0
0 6ms
6ms Other
text/html 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-36/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 44E6 0
0 6ms
6ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.express.com.pk/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=K3LTCHEW-23-DYOX; rsid=1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUXLM3KhKxP1tUBJlFYZ4hQ5JcvaexNK8Cn3X/UNbPWpJKXQKV6YB7vxlRF/OivwyJA1Cf1tg/Usaek=; ses2=65446^1; vis2=65446^1; audit=1|hLZGFuTafB01dMccAnXmgu99qzxPzGzo1KqTUQFBXufwoKtitB0wJWjfyUnBldoGuUAB3AaiG0bgcRgjl6EitTU5Y/bRpRko
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 14 Nov 2019 18:59:50 GMT
Content-Encoding: gzip
Content-Length: 7459
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=62706
Expires: Sun, 01 Dec 2019 10:16:56 GMT
Date: Sat, 30 Nov 2019 16:51:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3FB9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5c5e49d69dea2bc25b91f8dc522ca2556ff70838f78e0681aadfd41f8f59caf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 564D 0
0 17ms
16ms Fetch
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucwKokkNmems26PePT1PhYQi5YenFVxXKBsM6YPAdlQrRkR1NeUEScg-Ep8yJemiNiWzzF0zhOvhMgBfvOndCNELXvb4_pwREo1KZuhv1gcE22A8FvMV30IdX8VYi6XUqPcTdX9zZ6tKJDVT0_-0_dTXbwmr3sYCutFYsX-rHL-lQDrGst7x2uqBCjISOlTzwW8EylvAKi1RQZlcFtxkFcaejj-_ShBxSBDJKo6aXPM74ItBc8MyKMhSL8hokDAenVYQgChCSiesyCwsm2d7_n04pSuZDP_af86br_SIeTwGKmM4v9e8Iqek8SmXPhzUWMQqBKrH4&sig=Cg0ArKJSzHUz-Sir_3QrEAE&urlfix=1&adurl=

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Nov 2019 16:51:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.cgi
fqtag.com/ Frame 564D 35 B
0 29ms
15ms Fetch
image/gif 35.190.72.161
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://fqtag.com/pixel.cgi?p=5156105652&a=21663126586&cmp=2172221679&org=jb4kOxROhJF9qP459em1&rt=displayImg&sl=1&fmt=banner&rd=https://www.express.com.pk/&c1=157131649&c3=228445369
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.72.161 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 161.72.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:50 GMT
via: 1.1 google
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: 0

GET
H2 200 jstag Show response
uk-ads.openx.net/w/1.0/ Frame 564D 47 KB
17 KB 42ms
24ms Script
text/javascript 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-ads.openx.net/w/1.0/jstag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: d415c998497c1e0505fb20d4d774fa32281cd196b73fbe78d48f8d3155df9e22

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
server: OXGW/16.167.2
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
alt-svc: clear
content-length: 17541
via: 1.1 google
expires: Sat, 30 Nov 2019 17:51:50 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 564D 76 KB
29 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29138
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:50 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FB9 78 KB
29 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019111801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1573858490126243"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
expires: Sat, 30 Nov 2019 16:51:50 GMT

GET
H2

200

acj Show response
uk-ads.openx.net/w/1.0/ Frame 564D
Redirect Chain

https://uk-ads.openx.net/w/1.0/acj?ai=21aea271-e735-45f9-ad1b-26228001d5f1&o=5779467988&callback=OX_5779467988&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=p...
https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=21aea271-e735-45f9-ad1b-26228001d5f1&o=5779467988&callback=OX_5779467988&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&...

343 B
541 B

32ms
32ms

Script
application/json

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=21aea271-e735-45f9-ad1b-26228001d5f1&o=5779467988&callback=OX_5779467988&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1
Requested by: Host: www.express.com.pk
URL: https://www.express.com.pk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: f8d63950ba23ef1854795c955984d5c39c58c4124a2c1ceb68f1478d991e8998

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:50 GMT
via: 1.1 google
server: OXGW/16.167.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
alt-svc: clear
content-length: 343
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 30 Nov 2019 16:51:50 GMT
via: 1.1 google
server: OXGW/16.167.2
location: https://uk-ads.openx.net/w/1.0/acj?cc=1&ai=21aea271-e735-45f9-ad1b-26228001d5f1&o=5779467988&callback=OX_5779467988&ju=https%3A//www.express.com.pk/&jr=&auid=539431202&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-60&ws=728x90&ifr=1&tws=1600x1200&mt=1
p3p: CP="CUR ADM OUR NOR STA NID"
status: 302
alt-svc: clear
content-length: 0

GET
DATA 200
OK truncated
/ Frame 564D 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa7f51e07a850335c36f631dcc55a5081dbc1c2dd5dc68f6114370c8fe430f1a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame E6F7 0
0 16ms
15ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=1&ph=50ab0170-10fc-4aec-b816-8e01043433e7
Requested by: Host: uk-ads.openx.net
URL: https://uk-ads.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=1&ph=50ab0170-10fc-4aec-b816-8e01043433e7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.express.com.pk/
accept-encoding: gzip, deflate, br
cookie: i=eb70a15e-e1b1-0e52-3945-2157a816dbe3|1575132710
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.express.com.pk/

Response headers

status: 200
vary: Accept
set-cookie: i=eb70a15e-e1b1-0e52-3945-2157a816dbe3|1575132710; Version=1; Expires=Sun, 29-Nov-2020 16:51:50 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1575132710|gu; Version=1; Expires=Sun, 15-Dec-2019 16:51:50 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 30 Nov 2019 16:51:50 GMT
content-type: text/html
content-length: 151
via: 1.1 google
alt-svc: clear

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 564D 49 KB
19 KB 6ms
6ms Script
text/javascript 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: www.express.com.pk
URL: https://www.express.com.pk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

55d20e0a0093aa8f329c47535283833f6a485ae91ab3ea7377ebd74e704db1dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 30 Nov 2019 16:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1072
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19103
x-xss-protection: 0
server: cafe
etag: 12682171949725454966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Nov 2019 17:33:58 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 564D 0
304 B 320ms
105ms Other
image/gif 2607:f8b0:4002:c09::5e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~k3ltchoz&chm=1&ctx=2&gqid=Jp7iXYr7BorW-gb3rLuABw&qqid=CJ3tpM2ykuYCFUhx4AodcVoFxQ&met.4=fb.2~lb.1m~ol.37~idt.5h~dt.-1i&met.3=197.1k~123.1j_2~118.1s~118.1v~117.37~118.3b_1~118.3d~113.3p_3~112.3o_5&met.1=1.k3ltchla~14.0~15.0~16.0~17.0~18.0~19.0~20.35~21.37~22.1o~23.1o&met.7=CBsQCiADOCw~CCoQChgBIAMoAzAuOCs~CBsQCiBJOCQ~CCgQChgBIHgoeDB_OAdoeHB-eNOWAYABn5UBiAGWiAOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4002:c09::5e , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.express.com.pk/
Origin: https://www.express.com.pk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 060E 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTtJkqWHHDEckkeWs1cnV-9J0afYrFtlf0yXlKPvYeHDjnPhjbiMTfx0gjI1CSmo7N5mn5wWT9yqq38GBhetqWJ2G2UCLgaTm2iwDwQas&sig=Cg0ArKJSzIaKL-wsjVG2EAE&adk=3549282267&tt=-1&bs=1585%2C1200&mtos=0,1014,1014,1014,1014&tos=0,1014,0,0,0&p=1097,429,1187,1157&mcvt=1014&rs=0&ht=0&tfs=109&tls=1123&mc=0.99&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1575132709440&dlt&rpt=120&isd=0&msd=0&ext&imams=1&xdi=0&mxd=1&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-8-12-4-11-11-0-0-0&tvt=1121&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3FB9 42 B
110 B 15ms
15ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1Si3Iyeyuz5ARM_J17zbJy2ypoDdGRe0PMoBtvBFmyACcvnlydVwK9NHLH3W5SVr-VbVRJyiNzmBbFYF4IbXoHIgtWzpMbxC7NI_Bqg8&sig=Cg0ArKJSzH49DeRJaXEdEAE&adk=1743388791&tt=-1&bs=1585%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=0,0,90,728&mcvt=1012&rs=0&ht=0&tfs=109&tls=1121&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1575132709851&dlt&rpt=260&isd=0&msd&ext&imams=1&xdi=0&mxd=1&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-12-2-11-11-0-0-0&tvt=1120&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=12&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 564D 42 B
110 B 17ms
16ms Image
image/gif 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstp2lT78LoRuKqc_a5u_t_gSgBRTBVA6x4JAzQgQoTBUa-LCzOtQ4wL2ALjAzPGZ41RdhSYliJN46vaZR56Is8h3EO0kcuyh8_bY3QTGyQ&sig=Cg0ArKJSzNiGKbKO6zI7EAE&adk=3673565872&tt=-1&bs=1585%2C1200&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&p=0,0,90,728&mcvt=1012&rs=0&ht=0&tfs=205&tls=1217&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&lm=2&rst=1575132710161&dlt&rpt=115&isd=0&msd&ext&imams=1&xdi=0&mxd=1&ps=1585%2C1272&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-3-13-2-12-12-0-0-0&tvt=1216&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.express.com.pk%2F&r=v&id=osdim&vs=4&uc=13&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20191115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.express.com.pk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Nov 2019 16:51:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.express.com.pk/	1970-01-19 05:32:12	Name: _gat Value: 1
.express.com.pk/	1970-01-19 05:33:39	Name: _gid Value: GA1.3.1099476974.1575132709
.express.com.pk/	1970-01-19 23:03:24	Name: _ga Value: GA1.3.407090447.1575132709
.express.com.pk/	1970-01-19 06:15:24	Name: __cfduid Value: dd92e741de4cdd0f97b8625b87cd05a4b1575132708

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
adservice.google.com
adservice.google.de
beacon-eu2.rubiconproject.com
csi.gstatic.com
eu-u.openx.net
eus.rubiconproject.com
fqtag.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
secure.adnxs.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
uk-ads.openx.net
www.express.com.pk
www.google-analytics.com
www.googletagservices.com
104.109.78.125
172.217.16.162
2.19.38.84
2606:4700::6812:8843
2607:f8b0:4002:c09::5e
2a00:1450:4001:808::200e
2a00:1450:4001:814::2002
2a00:1450:4001:81a::2002
2a00:1450:4001:820::2001
2a00:1450:4001:821::2002
2a00:1450:400c:c08::9b
34.95.120.147
35.190.72.161
37.252.173.38
69.173.144.143
69.173.144.155
0074816bcfbabac978270afd1358a34fe3d5b752ffae49ee897ea59b261e089c
00a89d9cf75b9e410e7ac477b8f96f702b73d9c3707c043fa5701692609c91c5
01a41bb93acbadb81835a1c2297e835ea6690e25bd2a790acb7099582a3723be
03b07f320a1692a2d507465027fffaa6560d19d248c33bb6a5f2c97b75680c1d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0a6e1708ce703ce5e43f81f4888e21d372575d629605a1d672c974c18005d41d
0d502bb04e3c35ff0b4f87e34b31dea146ca502c5f0a39f0b783a9861e71ddde
0e946b0ee0337cf23c845f67a238e1fefd5f1e014fdbd8ea27870172fcedd40f
14612f3ed35e1c31b1784c6cfc0ba55727b4e41c3b35b7e12441197be121799e
23f5a3eca6fec1f8380dd45a87da65ee9ab4c93d4602403dc26b18e2afeb201f
35cb4b9940825c4c2f7defefa13df5921724e9ab9788b639a4e2f0028ea5489a
3f2b53632d1d95a577276234fec15bc0e96c87b8d683763415c6d0fbc9d232c0
4b7d4b8122d0255f1accee4c45aa4f5d37dd5b86e231a86305b381bb6bfd4f5e
50e938bcbaa5a719109d7f76b5f7b77839dce58ea0b083b7abf1b1f1d75dc51c
55d20e0a0093aa8f329c47535283833f6a485ae91ab3ea7377ebd74e704db1dd
5a6b165ff09e494a2d622ac8f1b427459420d64a3e4706e478e6b21b33af360f
620a4f4a3c913a009f1306314145e9f934dd89c86c79a79569de11de2069c1c9
63756f9775827402397204aca2e7387a9fc80c604df72397a9643a102cff12ac
73af7abce20397b5d04820a6d53b9e3cd876be79e2a48e96710220fb4f6a47d5
77286fc798231f53e7c7522d9e6b5ed9216d231867a78d9b9e28ea4a453d163f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a5dd64e656070599d0a96559978c3e6c25331c541d936c3173e8e859bce64f
8e2e350878a9351d6b66bd6a92bfd7a40ff2d7fbf585e414908f3719c11f8e79
98721b450811b2fe2cddebae5ff4c5fd315b053642ae42fdb32c26fa667d4c0d
a5c5e49d69dea2bc25b91f8dc522ca2556ff70838f78e0681aadfd41f8f59caf
a8620383e5d1fe72b46db53fa1eadbe1733824f5d272ff610c3ecea7fc0b256c
aa7f51e07a850335c36f631dcc55a5081dbc1c2dd5dc68f6114370c8fe430f1a
ac8724d13afcc364b6d960e48b8527f6938969ec78284730b24ead7cc09b25f9
af1b12436c3969e38b246c835981f84b9c17b891acf3ea82ee56e3b69be5fca9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ce356ce7c50209ad7f56eaaa3a3f0790b66ea8aa9f6cdd1c9c273c0769e22c
b74aafce4ac7a28f00102df7c3b40b42dbdc2c655ca1e064182cc250ff4fc89f
bf059e0b182ad76f6dc2398e1cc70a65bdabd107111d6092803dc2ab5314002d
c0e7f35af9cbc4b0f438886831131cedf216e59f54a45fdcc8caceaecf3270b4
c22de84cdfbb8aaabae52aed16e12f1ce5cca9745e54084177e398010dc7cdd1
cbc9f581d4f5f8fefa6ab163b1943329e3b4020c5ffb2ca18c9b242b8ff9b280
cf71e456450d05b4a975276cc1a502c00e8c563aec7b001e2fada9eb7c38586c
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d415c998497c1e0505fb20d4d774fa32281cd196b73fbe78d48f8d3155df9e22
d5c0a38fe45af3ddbc4503eb57a22539484d030cf7b1ae5cc40eb51e67a2a9f1
da629c5383955fd1b91084f58ced49f32f013dfd90f98405bf528b326211caf0
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e0aa3ab0c40d93b04a810b8fcd2b90be7d04cc2cc342c4bff2091072cb172697
e14aa3e531eddc18b162b6c73d5617dd154f30cb141a5f62746092223f1a9b1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f8046ec82b186eb95724c4a1f7b227b6e41d75ce31e6c1a67283afb830c861
e48c4975b293be404aa17aca3844095d270597494ffabe5316cad8c3e45d5004
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fdea430c24da4baa4534585b722158cd4158fc27583b2057daa53df9ee62d4
f39f343e54ceca709e31ef90afc42e5388bd34a8693ab98d15d65f7b1575d079
f5edad836296371cf3e554be8498c70faa2383ca1dc53ddff01bd50b6facca07
f8d63950ba23ef1854795c955984d5c39c58c4124a2c1ceb68f1478d991e8998
ffbf6bd74bc379ae02383ea3406d288b18a073cf8fb9b653d2fda86c83896c32

www.express.com.pk Open in urlscan Pro 2606:4700::6812:8843 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

74 Requests

100 %HTTPS

50 %IPv6

12 Domains

18 Subdomains

17 IPs

5 Countries

888 kBTransfer

1813 kBSize

4 Cookies

9 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.express.com.pk Open in urlscan Pro
2606:4700::6812:8843 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

100 %
HTTPS

50 %
IPv6

12
Domains

18
Subdomains

17
IPs

5
Countries

888 kB
Transfer

1813 kB
Size

4
Cookies

74 HTTP transactions
3 data transactions