glossy.espreso.rs Open in urlscan Pro
185.80.70.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://glossy.espreso.rs/
Effective URL:
https://glossy.espreso.rs/
Submission: On June 06 via api (June 6th 2020, 10:41:36 pm UTC) from US

Summary HTTP 90 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 21 domains to perform 90 HTTP transactions. The main IP is 185.80.70.15, located in Serbia and belongs to PROVIDUS-AS, RS. The main domain is glossy.espreso.rs.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 2nd 2020. Valid for: 3 months.

This is the only time glossy.espreso.rs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	185.80.70.15 185.80.70.15	43191 (PROVIDUS-AS) (PROVIDUS-AS)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
2 4	54.37.141.149 54.37.141.149	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
4	51.83.214.237 51.83.214.237	16276 (OVH) (OVH)
2 9	87.237.206.236 87.237.206.236	51859 (MNSHA-AS) (MNSHA-AS)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:218... 2600:9000:2182:7000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:2000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	149.202.217.129 149.202.217.129	16276 (OVH) (OVH)
1	13.226.159.98 13.226.159.98	16509 (AMAZON-02) (AMAZON-02)
2 4	137.74.0.158 137.74.0.158	16276 (OVH) (OVH)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20e... 2600:9000:20eb:ee00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.58.64.30 52.58.64.30	16509 (AMAZON-02) (AMAZON-02)
1	51.15.154.185 51.15.154.185	12876 (Online SAS) (Online SAS)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:218... 2600:9000:2182:aa00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81a::2001	15169 (GOOGLE) (GOOGLE)
1	143.204.94.101 143.204.94.101	16509 (AMAZON-02) (AMAZON-02)
3	34.196.57.87 34.196.57.87	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
90	29

18 185.80.70.15 (Serbia) 1 redirects

ASN43191 (PROVIDUS-AS, RS)

glossy.espreso.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.141.149 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip149.ip-54-37-141.eu

rs.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.214.237 (France)

ASN16276 (OVH, FR)
PTR: ip237.ip-51-83-214.eu

cdn.pushpushgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 87.237.206.236 (Serbia) 2 redirects

ASN51859 (MNSHA-AS, RS)

gars.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adrs.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rs.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:7000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.217.129 (France)

ASN16276 (OVH, FR)
PTR: ovhfr7.host.hit.gemius.pl

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.98 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-98.dus51.r.cloudfront.net

pym.nprapps.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 137.74.0.158 (Warsaw, Poland) 2 redirects

ASN16276 (OVH, FR)
PTR: ovhpl8.host.hit.gemius.pl

alt.adocean.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alt.hudb.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ee00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.64.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-64-30.eu-central-1.compute.amazonaws.com

apis.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.154.185 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: www.kurir.rs

www.kurir.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:aa00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-101.fra50.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.196.57.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-57-87.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	espreso.rs 1 redirects glossy.espreso.rs	562 KB
15	googlesyndication.com 91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	212 KB
10	gemius.pl 2 redirects gars.hit.gemius.pl adrs.hit.gemius.pl ls.hit.gemius.pl rs.hit.gemius.pl	13 KB
8	gstatic.com fonts.gstatic.com	80 KB
6	ampproject.org cdn.ampproject.org	115 KB
6	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org apis.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	158 KB
6	adocean.pl 3 redirects rs.adocean.pl alt.adocean.pl	46 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	119 KB
4	pushpushgo.com cdn.pushpushgo.com	73 KB
3	chartbeat.net ping.chartbeat.net	504 B
3	google.com 2 redirects adservice.google.com www.google.com	1 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	62 KB
2	hudb.pl 1 redirects alt.hudb.pl	583 B
2	google.de adservice.google.de www.google.de	1 KB
2	googletagservices.com www.googletagservices.com	42 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	facebook.com www.facebook.com	257 B
1	kurir.rs www.kurir.rs
1	nprapps.org pym.nprapps.org	3 KB
1	googleapis.com fonts.googleapis.com	785 B
90	21

	Domain	Requested by
18	glossy.espreso.rs	1 redirects glossy.espreso.rs
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net glossy.espreso.rs tpc.googlesyndication.com cdn.ampproject.org
8	fonts.gstatic.com	glossy.espreso.rs
6	cdn.ampproject.org	securepubads.g.doubleclick.net
5	adrs.hit.gemius.pl	2 redirects rs.adocean.pl
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn.pushpushgo.com	glossy.espreso.rs cdn.pushpushgo.com
4	rs.adocean.pl	2 redirects glossy.espreso.rs
3	ping.chartbeat.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net glossy.espreso.rs
3	www.google-analytics.com	glossy.espreso.rs
3	gars.hit.gemius.pl	glossy.espreso.rs gars.hit.gemius.pl
2	91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	glossy.espreso.rs connect.facebook.net
2	alt.hudb.pl	1 redirects glossy.espreso.rs
2	alt.adocean.pl	1 redirects glossy.espreso.rs
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	www.google.com	2 redirects
2	www.googletagservices.com	glossy.espreso.rs securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	static.chartbeat.com	glossy.espreso.rs
1	www.facebook.com	glossy.espreso.rs
1	www.kurir.rs	pym.nprapps.org
1	apis.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	vendorlist.consensu.org	quantcast.mgr.consensu.org
1	rs.hit.gemius.pl	glossy.espreso.rs
1	pym.nprapps.org	glossy.espreso.rs
1	ls.hit.gemius.pl	gars.hit.gemius.pl
1	www.google.de	glossy.espreso.rs
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	quantcast.mgr.consensu.org	glossy.espreso.rs
1	fonts.googleapis.com	glossy.espreso.rs
90	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
stil.kurir.rs
www.elle.rs
www.lovesensa.rs
www.kurir.rs
www.cosmopolitan.rs
www.lepaisrecna.rs
www.newsweek.rs
www.menshealth.rs
www.nationalgeographic.rs
www.yumama.com
www.stvarukusa.rs
www.espreso.rs
www.navidiku.rs

Subject Issuer	Validity	Valid
espreso.rs Let's Encrypt Authority X3	`2020-05-02` - `2020-07-31`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.adocean.pl Sectigo ECC Domain Validation Secure Server CA	`2020-01-27` - `2022-02-05`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.pushpushgo.com DOMENY SSL DV Certification Authority	`2020-04-24` - `2022-04-24`	2 years	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
pym.nprapps.org Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
alt.hudb.pl Sectigo RSA Domain Validation Secure Server CA	`2019-04-25` - `2020-04-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
www.kurir.rs Let's Encrypt Authority X3	`2020-05-06` - `2020-08-04`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://glossy.espreso.rs/
Frame ID: 8CDF42A47E3C775556398B69D48B3E1A
Requests: 72 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v34/cmp-3pc-check.html
Frame ID: 6CCD042A1D33747128F5BE35C93DC2F6
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: EBD86C809FFEA1B84D30CFE80C8F2F80
Requests: 1 HTTP requests in this frame

Frame: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.rs%2F
Frame ID: 7576237235333650CEA0E30F04D4D434
Requests: 1 HTTP requests in this frame

Frame: https://91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6DF96E218BCBD4CD365046FB075028B7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js
Frame ID: 8296CC408384D1AD051AEF1D2010FA9E
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 97AC1433879CB874F175C74E0D9862D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://glossy.espreso.rs/ HTTP 301
https://glossy.espreso.rs/ Page URL

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

AdOcean () Expand

Overall confidence: 100%
Detected patterns

script /adocean\.pl\/files\/js\/ado\.js/i
script /adocean\.pl/i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i
script /adocean\.pl\/files\/js\/ado\.js/i
script /adocean\.pl/i

Page Statistics

90
Requests

99 %
HTTPS

60 %
IPv6

21
Domains

35
Subdomains

29
IPs

7
Countries

1519 kB
Transfer

3385 kB
Size

8
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/glossy.rs/

Search URL Search Domain Scan URL

URL: https://twitter.com/glossy_rs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdyMbH4JckymM38HzUugwsA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/glossy_rs/

Search URL Search Domain Scan URL

URL: https://stil.kurir.rs/lepi-zdravi/nutricija/125823/ovaj-narodni-lek-se-pravi-od-samo-2-sastojka-leci-bol-u-zelucu-i-unistava-heliko-bakteriju-za-nedelju-dana?utm_source=glossy&utm_medium=web_home&utm_campaign=adria_internal

Search URL Search Domain Scan URL

URL: https://www.elle.rs/lifestyle/kultura/29373-10-najboljih-filmova-angeline-jolie.html?utm_source=glossy&utm_medium=web_home&utm_campaign=adria_internal

Search URL Search Domain Scan URL

URL: https://stil.kurir.rs/lifestyle/zanimljivosti/125725/greska-koju-pravite-moze-skupo-da-vas-kosta-da-li-i-vi-ovako-stitite-svoje-lozinke-na-internetu?utm_source=glossy&utm_medium=web_home&utm_campaign=adria_internal

Search URL Search Domain Scan URL

URL: https://www.lovesensa.rs/clanci/meditacija-i-relaksacija/poznata-ljubavna-meditacija-privlaci-ljubav-na-svim-nivoima?utm_source=glossy&utm_medium=web_home&utm_campaign=adria_internal

Search URL Search Domain Scan URL

URL: http://www.kurir.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.elle.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.cosmopolitan.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.lepaisrecna.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.newsweek.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.lovesensa.rs/

Search URL Search Domain Scan URL

URL: http://www.menshealth.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.nationalgeographic.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.yumama.com/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.stvarukusa.rs/?utm_source=glossy&utm_medium=link&utm_campaign=footer_link

Search URL Search Domain Scan URL

URL: http://www.espreso.rs/?internal_campaign=glossy_footer_link

Search URL Search Domain Scan URL

URL: https://www.navidiku.rs/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://glossy.espreso.rs/ HTTP 301
https://glossy.espreso.rs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://rs.adocean.pl/_1591483259231/ad.js?id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1 HTTP 301
https://rs.adocean.pl/__/_1591483259231/ad.js?id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1 HTTP 301
https://adrs.hit.gemius.pl/redataredir?url=https%3A%2F%2Frs.adocean.pl%2F__%2F_1591483259%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7%2Fadov%3D4.1.0%2Fx%3D1600%2Fy%3D1200%2Fpage_url%3Dhttps%253A%252F%252Fglossy.espreso.rs%252F%2Ffv%3D-%2Flptype%3D1 HTTP 301
https://adrs.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Frs.adocean.pl%2F__%2F_1591483259%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7%2Fadov%3D4.1.0%2Fx%3D1600%2Fy%3D1200%2Fpage_url%3Dhttps%253A%252F%252Fglossy.espreso.rs%252F%2Ffv%3D-%2Flptype%3D1 HTTP 301
https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1

Request Chain 27

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&gjid=726525952&_gid=662261388.1591483260&_u=IGBAgEAB~&z=360343156 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&_v=j82&z=360343156 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&_v=j82&z=360343156&slf_rd=1&random=37706513

Request Chain 33

https://alt.adocean.pl/_1591483259941/redot.gif?id=1_XlneraySw7LL8m2QmY8bdeT.RwIcSaaWLV1n_0kKv.O7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D0 HTTP 301
https://alt.adocean.pl/__/_1591483259941/redot.gif?id=1_XlneraySw7LL8m2QmY8bdeT.RwIcSaaWLV1n_0kKv.O7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D0

Request Chain 35

https://alt.hudb.pl/_1591483259941/repoint.gif?id=10ZL__tKNMmbYXfT6Pa8D7cc.jhwbe86CT6t3N9b9W3.87&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D2 HTTP 301
https://alt.hudb.pl/__/_1591483259941/repoint.gif?id=10ZL__tKNMmbYXfT6Pa8D7cc.jhwbe86CT6t3N9b9W3.87&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D2

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
glossy.espreso.rs/
Redirect Chain

http://glossy.espreso.rs/
https://glossy.espreso.rs/

124 KB
28 KB

117ms
39ms

Document
text/html

185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: e23b80d9a06ca62504349df49bf78ab5b24583cacdd7a57843c244ce833b3564

Request headers

:method: GET
:authority: glossy.espreso.rs
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 06 Jun 2020 22:39:58 GMT
vary: Accept-Encoding
content-encoding: gzip
x-backend-server: story-app4 time for request D=36462
content-type: text/html; charset=UTF-8
server: Haste
x-haste-cacheable: YES
expires: 0
x-haste-perspective: desktop
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
age: 60
x-haste-debug-backend: storyZP
x-haste-node: cache-zp4.itplatforma.com
x-haste-cache: HIT
x-haste-hits: 4
accept-ranges: bytes
content-length: 28282

Redirect headers

Content-length: 0
Location: https://glossy.espreso.rs/

GET
H2 200 css
fonts.googleapis.com/ 6 KB
785 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d02b246a58f6f371252fea08130fea2d5043a3d8e2b46b475361d34a25c3d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Jun 2020 22:40:59 GMT
server: ESF
date: Sat, 06 Jun 2020 22:40:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 Jun 2020 22:40:59 GMT

GET
H2 200 main-v-1586975183397.css
glossy.espreso.rs/resources/css/ 85 KB
16 KB 40ms
39ms Stylesheet
text/css 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.rs/resources/css/main-v-1586975183397.css
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 3c1bae5a6cdf8518ff970d16278709367d21a2b0c04ca68ae3992b02af9b8e68

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:35:00 GMT
content-encoding: gzip
age: 358
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp2.itplatforma.com
x-backend-server: story-app3 time for request D=13353
content-length: 15739
x-haste-perspective: desktop
last-modified: Wed, 22 Jan 2020 12:40:40 GMT
server: Haste
etag: "15490-59cb9d50341ad-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age = 315360000, public
x-haste-hits: 16
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-v-1586975183397.js Show response
glossy.espreso.rs/resources/js/ 218 KB
65 KB 39ms
38ms Script
application/javascript 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.rs/resources/js/main-v-1586975183397.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 6bb0540836bda375faedd83d62ef3d037385df6749a5fc3f69df3a1dabb362a0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:35:00 GMT
content-encoding: gzip
age: 358
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp4.itplatforma.com
x-backend-server: story-app3 time for request D=16696
content-length: 66461
x-haste-perspective: desktop
last-modified: Wed, 15 Apr 2020 22:11:56 GMT
server: Haste
etag: "36874-5a35b9abaf67b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 315360000, public
x-haste-hits: 15
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ado.js Show response
rs.adocean.pl/files/js/ 94 KB
32 KB 147ms
39ms Script
application/x-javascript 54.37.141.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.adocean.pl/files/js/ado.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.141.149 , France, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-54-37-141.eu
Software: GAD /
Resource Hash: 9124c7fc5ce15bd2e58825b6c1a6ab7fd2b4822535315dec165675c22028017e

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 11:31:30 GMT
server: GAD
etag: "000176074B63CC6A"
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: public, must-revalidate, max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
content-length: 32653
expires: Sun, 07 Jun 2020 02:40:59 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 42 KB
15 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c8f94bcec873eaa3d72b1d5d3173e92e6957e88d05d324ee0f1bcf30f6a674c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "536 / 260 of 1000 / last-modified: 1591373005"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 14407
x-xss-protection: 0
expires: Sat, 06 Jun 2020 22:40:59 GMT

GET
H2 200 5b8d17a8f446bb000b381dd8.js Show response
cdn.pushpushgo.com/js/ 181 KB
54 KB 116ms
33ms Script
application/javascript 51.83.214.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushpushgo.com/js/5b8d17a8f446bb000b381dd8.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.214.237 , France, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-51-83-214.eu
Software: nginx /
Resource Hash: 756f04f759e2eec9e00ca613b30488be31c304b33b395846054af84dcdd0bc3f

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 12:23:37 GMT
server: nginx
etag: "5ed644c9-d81a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=120
content-length: 55322
expires: Sat, 06 Jun 2020 22:42:59 GMT

GET
H2 200 logo.svg
glossy.espreso.rs/resources/images/svg/ 5 KB
3 KB 39ms
39ms Image
image/svg+xml 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/resources/images/svg/logo.svg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:20 GMT
content-encoding: gzip
age: 38
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp3.itplatforma.com
x-backend-server: story-app4 time for request D=1073
content-length: 2249
x-haste-perspective: desktop
last-modified: Sat, 04 Nov 2017 06:45:12 GMT
server: Haste
etag: "14b4-55d22902bcaa9-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-hits: 9
accept-ranges: bytes
x-haste-cacheable: YES
expires: 0

GET
H2 200 290165_sajam-26032018-00025_po-s.jpg
glossy.espreso.rs/data/images/2020/04/19/10/ 61 KB
61 KB 39ms
39ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2020/04/19/10/290165_sajam-26032018-00025_po-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 6422145b2ac84f0f03371cc3513a884aeede1e21da30622841227209aa95e401

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:25:43 GMT
age: 916
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp3.itplatforma.com
x-backend-server: story-app3 time for request D=1619
content-length: 62330
x-haste-perspective: desktop
last-modified: Sun, 19 Apr 2020 08:22:17 GMT
server: Haste
etag: "f37a-5a3a07afce14b"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 6
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 294395_profimedia0357912066_sq-s.jpg
glossy.espreso.rs/data/images/2020/06/06/20/ 54 KB
55 KB 39ms
39ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2020/06/06/20/294395_profimedia0357912066_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: b576c41d0ae773b72ec8a76cbd5e33642d7ea73d1fbf3c4884204aaa808cd6c3

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:37:05 GMT
age: 233
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp2.itplatforma.com
x-backend-server: story-app2 time for request D=1270
content-length: 55527
x-haste-perspective: desktop
last-modified: Sat, 06 Jun 2020 18:14:35 GMT
server: Haste
etag: "d8e7-5a76e599ebba8"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 12
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 263207_tanjasavic-damir-dervisagic_sq-s.jpg
glossy.espreso.rs/data/images/2019/07/02/16/ 38 KB
38 KB 39ms
38ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2019/07/02/16/263207_tanjasavic-damir-dervisagic_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: d6d94fb2902a0fa1ef1778e65b2de737f043cd1d6abcfabe4a8fcf1c9bfaed90

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:35:12 GMT
age: 347
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp1.itplatforma.com
x-backend-server: story-app4 time for request D=11471
content-length: 38692
x-haste-perspective: desktop
last-modified: Tue, 02 Jul 2019 14:47:12 GMT
server: Haste
etag: "9724-58cb3d1e50d76"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 6
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy.png
glossy.espreso.rs/resources/images/ 936 B
1 KB 48ms
48ms Image
image/png 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/resources/images/lazy.png
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 8c5a62c74692dd5d707767c763842fa3a199c5d50b526f2a138747af21ba6202

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:32:20 GMT
age: 519
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp2.itplatforma.com
x-backend-server: story-app4 time for request D=2705
content-length: 936
x-haste-perspective: desktop
last-modified: Mon, 07 Mar 2016 13:21:23 GMT
server: Haste
etag: "3a8-52d75575f6c72"
content-type: image/png
cache-control: max-age = 315360000, public
x-haste-hits: 26
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 xgemius.js Show response
gars.hit.gemius.pl/ 40 KB
11 KB 51ms
42ms Script
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/xgemius.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: 0f914deb079edf8b702c256509ffc3cec07ee26e7ed0c966623a67f2e0be43c7

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 07:27:50 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10782
expires: Sun, 07 Jun 2020 10:40:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6280
date: Sat, 06 Jun 2020 20:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Sat, 06 Jun 2020 22:56:19 GMT

GET
H2

200

ad.js Show response
rs.adocean.pl/__/_1591483259/
Redirect Chain

https://rs.adocean.pl/_1591483259231/ad.js?id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
https://rs.adocean.pl/__/_1591483259231/ad.js?id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
https://adrs.hit.gemius.pl/redataredir?url=https%3A%2F%2Frs.adocean.pl%2F__%2F_1591483259%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7%2Fa...
https://adrs.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Frs.adocean.pl%2F__%2F_1591483259%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DJQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7%...
https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https...

12 KB
12 KB

37ms
37ms

Script
application/x-javascript

54.37.141.149
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.141.149 , France, ASN16276 (OVH, FR),
Reverse DNS: ip149.ip-54-37-141.eu
Software: GAD /
Resource Hash: 1b419b27f584228b9a0d66f67e6ceb9ce33834f5c3857bd66c905101d5bd92af

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
server: GAD
vary: Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 12441
expires: Fri, 05 Jun 2020 22:40:59 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 05 Jun 2020 22:40:59 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 255 KB
70 KB 33ms
11ms Script
text/javascript 2600:9000:2182:7000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:7000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae9a4cb28029fecf8f9a50d23d19dc51186f14880768528c8541807615d34327

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:30:44 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 22:22:19 GMT
server: AmazonS3
age: 780
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Xnr0Vb6nos9yz_JTZd5bPeVwhC_wZiLkeIGtxpMz_339EU73I_oC6A==
via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Mon, 18 May 2020 21:14:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 1646789
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Tue, 18 May 2021 21:14:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
952 B 35ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=glossy.espreso.rs

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
952 B 36ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=glossy.espreso.rs

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020060103.js Show response
securepubads.g.doubleclick.net/gpt/ 246 KB
88 KB 75ms
28ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2020 18:46:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90085
x-xss-protection: 0
expires: Sat, 06 Jun 2020 22:40:59 GMT

GET
H2 200 logo.svg
glossy.espreso.rs/resources/images/svg/ 5 KB
3 KB 39ms
39ms Image
image/svg+xml 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/resources/images/svg/logo.svg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:20 GMT
content-encoding: gzip
age: 38
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp3.itplatforma.com
x-backend-server: story-app4 time for request D=1073
content-length: 2249
x-haste-perspective: desktop
last-modified: Sat, 04 Nov 2017 06:45:12 GMT
server: Haste
etag: "14b4-55d22902bcaa9-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-hits: 10
accept-ranges: bytes
x-haste-cacheable: YES
expires: 0

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Thu, 28 May 2020 12:31:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:25 GMT
server: sffe
age: 814184
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11504
x-xss-protection: 0
expires: Fri, 28 May 2021 12:31:15 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2
fonts.gstatic.com/s/ptsans/v11/ 7 KB
7 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizfRExUiTo99u79B_mh0OCtLR8a8zILig.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfe6cf8ec00d0ff9673fef483a2fab0f9aeea6ea078eb9e42b4fbfc96777d1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Wed, 27 May 2020 02:53:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:33 GMT
server: sffe
age: 935220
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7288
x-xss-protection: 0
expires: Thu, 27 May 2021 02:53:59 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v11/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Sat, 16 May 2020 07:51:45 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:24:48 GMT
server: sffe
age: 1867754
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13372
x-xss-protection: 0
expires: Sun, 16 May 2021 07:51:45 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v11/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Fri, 22 May 2020 23:02:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:23:27 GMT
server: sffe
age: 1294686
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Sat, 22 May 2021 23:02:53 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qcVyvVp8NAyIw.woff2
fonts.gstatic.com/s/ptserif/v11/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRSQgYoZZY2vCFuvAnt66qcVyvVp8NAyIw.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab9dd56193f11d93cba7de8d8c509f8f186267217e9f78ccce38bc1fd1433cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Fri, 22 May 2020 05:18:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:18:16 GMT
server: sffe
age: 1358562
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8544
x-xss-protection: 0
expires: Sat, 22 May 2021 05:18:17 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFYzr-_dSb_nco.woff2
fonts.gstatic.com/s/ptserif/v11/ 8 KB
8 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v11/EJRVQgYoZZY2vCFuvAFYzr-_dSb_nco.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2556a24c3debdcec560a1583f8efedc81d106113b440f9aa81e1bd371f9e2f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Tue, 19 May 2020 01:24:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:22:43 GMT
server: sffe
age: 1631786
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8408
x-xss-protection: 0
expires: Wed, 19 May 2021 01:24:33 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=746903121&t=pageview&_s=1&dl=https%3A%2F%2Fglossy.espreso.rs%2F&ul=en-us&de=UTF-8&dt=Glossy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=132807172&gjid=726525952&cid=596600070.1591483260&tid=UA-67410988-1&_gid=662261388.1591483260&z=982195056

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jun 2020 14:31:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 115744
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j82&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&gjid=726525952&_gid=662261388.1591483260&_u=IGBAgEAB~&z=360343156
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&_v=j82&z=360343156
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&_v=j82&z=360343156&slf_rd=1&random=37706513

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&_v=j82&z=360343156&slf_rd=1&random=37706513

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-67410988-1&cid=596600070.1591483260&jid=132807172&_v=j82&z=360343156&slf_rd=1&random=37706513
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 14ms
13ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=746903121&t=pageview&_s=1&dl=https%3A%2F%2Fglossy.espreso.rs%2F&ul=en-us&de=UTF-8&dt=Glossy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAAEAB~&jid=614733109&gjid=434038608&cid=596600070.1591483260&tid=UA-86981738-2&_gid=662261388.1591483260&_r=1&z=1306288267

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v34/ Frame 6CCD 0
0 23ms
7ms Document
text/html 2600:9000:21f3:2000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v34/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:2000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v34/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://glossy.espreso.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glossy.espreso.rs/

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Thu, 28 May 2020 22:22:14 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 06 Jun 2020 22:28:55 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: G3_rE68aRIgMnAr4KDJd-K27GqGdRRsW_i1SK719H1IOUfj505PN4A==
age: 1055

GET
H2 200 fpdata.js Show response
gars.hit.gemius.pl/ 268 B
381 B 42ms
42ms Script
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/fpdata.js?href=glossy.espreso.rs
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: a90f849105cbc198aa3e1f2fa4862fd5cbb78d4ad218da629cb033da7cf29c9d

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:59 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 268
expires: Mon, 06 Jul 2020 22:40:59 GMT

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame EBD8 0
0 130ms
46ms Document
text/html 149.202.217.129
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.217.129 , France, ASN16276 (OVH, FR),
Reverse DNS: ovhfr7.host.hit.gemius.pl
Software: GHC /
Resource Hash

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://glossy.espreso.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Gdyn=KlSxBRXGQMGGKruJAqAwsU9WssGMXP8cfR4G
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glossy.espreso.rs/

Response headers

status: 200
date: Sat, 06 Jun 2020 22:41:00 GMT
expires: Mon, 06 Jul 2020 22:41:00 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2728
content-encoding: gzip

GET
H2 200 pym.v1.min.js Show response
pym.nprapps.org/ 9 KB
3 KB 205ms
27ms Script
application/javascript 13.226.159.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pym.nprapps.org/pym.v1.min.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.159.98 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-98.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 01:47:53 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:23:08 GMT
server: AmazonS3
age: 75212
etag: "dfb7091815cbff12a30bfad66911926f"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
content-length: 2818
via: 1.1 430f949006756123f45be90f8ad8de30.cloudfront.net (CloudFront)
x-amz-cf-id: OhfXF4xNSUg53yRGaPYdgXJP6ExIpjKQLHKpVYZ8ULJuDyILHe2N1g==

GET
H2

200

redot.gif
alt.adocean.pl/__/_1591483259941/
Redirect Chain

https://alt.adocean.pl/_1591483259941/redot.gif?id=1_XlneraySw7LL8m2QmY8bdeT.RwIcSaaWLV1n_0kKv.O7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D0
https://alt.adocean.pl/__/_1591483259941/redot.gif?id=1_XlneraySw7LL8m2QmY8bdeT.RwIcSaaWLV1n_0kKv.O7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D0

43 B
355 B

145ms
67ms

Image
image/gif

137.74.0.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alt.adocean.pl/__/_1591483259941/redot.gif?id=1_XlneraySw7LL8m2QmY8bdeT.RwIcSaaWLV1n_0kKv.O7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D0
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.0.158 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl8.host.hit.gemius.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Fri, 05 Jun 2020 22:41:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1591483259941/redot.gif?id=1_XlneraySw7LL8m2QmY8bdeT.RwIcSaaWLV1n_0kKv.O7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D0
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 05 Jun 2020 22:41:00 GMT

GET
H2 200 redot.gif
rs.hit.gemius.pl/_1591483259941/ 43 B
266 B 118ms
75ms Image
image/gif 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rs.hit.gemius.pl/_1591483259941/redot.gif?id=bVnr24M7JJDtjp3qdxyvFZchT.SgXsSakv3V1jPYkKv.u7&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D1
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Fri, 05 Jun 2020 22:41:00 GMT

GET
H2

200

repoint.gif
alt.hudb.pl/__/_1591483259941/
Redirect Chain

https://alt.hudb.pl/_1591483259941/repoint.gif?id=10ZL__tKNMmbYXfT6Pa8D7cc.jhwbe86CT6t3N9b9W3.87&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D2
https://alt.hudb.pl/__/_1591483259941/repoint.gif?id=10ZL__tKNMmbYXfT6Pa8D7cc.jhwbe86CT6t3N9b9W3.87&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D2

43 B
214 B

37ms
37ms

Image
image/gif

137.74.0.158
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alt.hudb.pl/__/_1591483259941/repoint.gif?id=10ZL__tKNMmbYXfT6Pa8D7cc.jhwbe86CT6t3N9b9W3.87&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D2
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.0.158 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: ovhpl8.host.hit.gemius.pl
Software: GHC /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: image/gif
content-length: 43
expires: Fri, 05 Jun 2020 22:41:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1591483259941/repoint.gif?id=10ZL__tKNMmbYXfT6Pa8D7cc.jhwbe86CT6t3N9b9W3.87&fpdata=&extra=_unique%3D45391591483259941%7C_order%3D2
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Fri, 05 Jun 2020 22:41:00 GMT

GET
H2 200 network_sprite.png
glossy.espreso.rs/resources/images/footer/ 18 KB
19 KB 39ms
38ms Image
image/png 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/resources/images/footer/network_sprite.png?v1.3
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: acc49181c1159411dedea76bfc96b1036404bce43a74fdf359639145abe444ab

Request headers

Referer: https://glossy.espreso.rs/resources/css/main-v-1586975183397.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:34:27 GMT
age: 392
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp4.itplatforma.com
x-backend-server: story-app4 time for request D=1062
content-length: 18620
x-haste-perspective: desktop
last-modified: Fri, 20 Jan 2017 13:25:28 GMT
server: Haste
etag: "48bc-54686955a66f0"
content-type: image/png
cache-control: max-age = 315360000, public
x-haste-hits: 16
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jizaRExUiTo99u79D0yExcOPIDUg-g.woff2
fonts.gstatic.com/s/ptsans/v11/ 7 KB
7 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0yExcOPIDUg-g.woff2

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37b8e87c76f63fdd30214c4f93350b387076cba53d0c5cd52fd2059ee645ba41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Origin: https://glossy.espreso.rs

Response headers

date: Wed, 20 May 2020 07:18:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:26:49 GMT
server: sffe
age: 1524147
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7264
x-xss-protection: 0
expires: Thu, 20 May 2021 07:18:32 GMT

GET
H2 200 cmpui-popup.js Show response
static.quantcast.mgr.consensu.org/v34/ 258 KB
69 KB 8ms
7ms Script
text/javascript 2600:9000:21f3:2000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-popup.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:2000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7a580835e59bad7481527ebaf08ca3a959177c48c63d60ef5cdb2e12e8f470e

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:33:14 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 22:22:14 GMT
server: AmazonS3
age: 1089
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Dr4K2eJXHZlZIZW4nY8CjCVyyxgfaTYkBQd4FH3WANV1JwoQRvM5rw==
via: 1.1 d9bf8acc1da383db4531789bbb03ac07.cloudfront.net (CloudFront)

POST
H2 200 sarg=5EDC1B7B09AED646
adrs.hit.gemius.pl/_1591483259961/redot.js/id=nFhFBoP4tawHMLju0aKcyMbgXtGkRoc4vAucZY2qOwL.P7/stparam=kkjrojpmls/fastid=fwumvvsjlvuymvbrxtrtxphgzqqj/ 2 B
215 B 46ms
46ms Other
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrs.hit.gemius.pl/_1591483259961/redot.js/id=nFhFBoP4tawHMLju0aKcyMbgXtGkRoc4vAucZY2qOwL.P7/stparam=kkjrojpmls/fastid=fwumvvsjlvuymvbrxtrtxphgzqqj/sarg=5EDC1B7B09AED646
Requested by: Host: rs.adocean.pl
URL: https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
server: GHC
status: 200
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glossy.espreso.rs
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Fri, 05 Jun 2020 22:40:59 GMT

POST
H2 200 sarg=5EDC1B7B09AED646
adrs.hit.gemius.pl/_1591483259964/redot.js/id=nFhFBoP4tawHMLju0aKcyMbgXtGkRoc4vAucZY2qOwL.P7/stparam=onflmogpfc/fastid=fwumvvsjlvuymvbrxtrtxphgzqqj/ 2 B
170 B 64ms
64ms Other
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrs.hit.gemius.pl/_1591483259964/redot.js/id=nFhFBoP4tawHMLju0aKcyMbgXtGkRoc4vAucZY2qOwL.P7/stparam=onflmogpfc/fastid=fwumvvsjlvuymvbrxtrtxphgzqqj/sarg=5EDC1B7B09AED646
Requested by: Host: rs.adocean.pl
URL: https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
server: GHC
status: 200
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glossy.espreso.rs
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Fri, 05 Jun 2020 22:40:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8272741b8dd0aa90f124950007e4f3ec75ec4f27e8e35cb3a7f961a38b2c402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GglZmSFQjLCtK+YPhT31Rg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=3600
content-length: 1783
etag: "7350a7242f7d5215719aaf9938d33d74"
x-fb-debug: u2rijQHGPALYU15we052Le1BIHDf6FpEOW1aNXP1DuljiZv+ZgX24t4xMk0Nrm8cFbOwX4xLwiQg/Fm7apeLvA==
x-fb-trip-id: 664085054
x-fb-content-md5: 8282038958387b4bb35010a2bd6b92c3
x-frame-options: DENY
date: Sat, 06 Jun 2020 22:40:59 GMT, Sat, 06 Jun 2020 22:40:59 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Jun 2020 22:50:49 GMT

POST
H2 200 sarg=5EDC1B7B09AED646
adrs.hit.gemius.pl/_1591483259965/redot.js/id=nFhFBoP4tawHMLju0aKcyMbgXtGkRoc4vAucZY2qOwL.P7/stparam=wgnhbvhkci/fastid=fwumvvsjlvuymvbrxtrtxphgzqqj/ 2 B
170 B 64ms
64ms Other
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrs.hit.gemius.pl/_1591483259965/redot.js/id=nFhFBoP4tawHMLju0aKcyMbgXtGkRoc4vAucZY2qOwL.P7/stparam=wgnhbvhkci/fastid=fwumvvsjlvuymvbrxtrtxphgzqqj/sarg=5EDC1B7B09AED646
Requested by: Host: rs.adocean.pl
URL: https://rs.adocean.pl/__/_1591483259/ad.js?hclsdata=&hcudata=Chm7yxzDg_0Fg48VQmfL2mkSlqigdq2BF3UCmcmhgb7.v7&id=JQtFtXCFPcJUZVVI5pZCvzIEE6D.z.ImzfgWQA2cBz7.x7/adov=4.1.0/x=1600/y=1200/page_url=https%3A%2F%2Fglossy.espreso.rs%2F/fv=-/lptype=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:40:59 GMT
server: GHC
status: 200
p3p: CP="NOI DSP COR NID PSAo OUR IND"
access-control-allow-origin: https://glossy.espreso.rs
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: none
content-type: application/x-javascript
content-length: 2
expires: Fri, 05 Jun 2020 22:40:59 GMT

POST
H2 200 check_if_user_is_logged_in Show response
glossy.espreso.rs/profil/ 103 B
304 B 125ms
125ms XHR
text/html 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.rs/profil/check_if_user_is_logged_in
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/resources/js/main-v-1586975183397.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Apache /
Resource Hash: 3fbf70737de6059ba779936f7e000913355d5cc0eb7148d0f045e00e69c4a514

Request headers

Accept: */*
Referer: https://glossy.espreso.rs/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 06 Jun 2020 22:41:00 GMT
content-encoding: gzip
server: Apache
x-backend-server: story-app3 time for request D=16541
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 287431_j-lo_sq-s.jpg
glossy.espreso.rs/data/images/2020/03/09/09/ 39 KB
39 KB 42ms
40ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2020/03/09/09/287431_j-lo_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 0ebc1d9b25f820aee8d4a9fef1e1e90701049d96d4d1a298e743788b897d63d3

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:36:51 GMT
age: 248
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp1.itplatforma.com
x-backend-server: story-app4 time for request D=1547
content-length: 39988
x-haste-perspective: desktop
last-modified: Mon, 09 Mar 2020 08:54:12 GMT
server: Haste
etag: "9c34-5a06825aac468"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 2
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 265799_katarina-grujic-dragana-udovicic_sq-s.jpg
glossy.espreso.rs/data/images/2019/08/17/19/ 40 KB
40 KB 48ms
47ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2019/08/17/19/265799_katarina-grujic-dragana-udovicic_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 0bfdb3415b15fb4db892a5dbcba8e733c8ebf1516e0c4a07550e0dfec289431e

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:26:27 GMT
age: 872
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp1.itplatforma.com
x-backend-server: story-app3 time for request D=2263
content-length: 40991
x-haste-perspective: desktop
last-modified: Sat, 17 Aug 2019 17:11:49 GMT
server: Haste
etag: "a01f-5905333d67f59"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 43
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 294379_profimedia0270076400_sq-s.jpg
glossy.espreso.rs/data/images/2020/06/06/11/ 27 KB
28 KB 94ms
93ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2020/06/06/11/294379_profimedia0270076400_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 22e4f01acfaeb61723ad4e53133730714aef32395c884165ad428a74b032dec7

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:40:46 GMT
age: 13
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp1.itplatforma.com
x-backend-server: story-app4 time for request D=1869
content-length: 27970
x-haste-perspective: desktop
last-modified: Sat, 06 Jun 2020 09:29:37 GMT
server: Haste
etag: "6d42-5a767042f215b"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 1
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 256957_profimedia0089684588_sq-s.jpg
glossy.espreso.rs/data/images/2019/04/06/19/ 71 KB
71 KB 121ms
120ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2019/04/06/19/256957_profimedia0089684588_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 9b9ec23927af3899f6025c379c49c96175b2f4ac55e7b5ac8f03305711a6ad7f

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:32:22 GMT
age: 517
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp1.itplatforma.com
x-backend-server: story-app4 time for request D=2078
content-length: 72283
x-haste-perspective: desktop
last-modified: Sat, 06 Apr 2019 17:14:48 GMT
server: Haste
etag: "11a5b-585dfbd9a63e1"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 26
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 142796_radmilazivkovicfotodraganaudovicic1462274897898255_sq-s.jpg
glossy.espreso.rs/data/images/2016/11/18/21/ 46 KB
46 KB 95ms
94ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2016/11/18/21/142796_radmilazivkovicfotodraganaudovicic1462274897898255_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 6b6a669f97718beb3f015ff913fcaf0a0aca44dc3f535bac78f852be24fa8d8a

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:38:27 GMT
age: 152
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp1.itplatforma.com
x-backend-server: story-app4 time for request D=7704
content-length: 46658
x-haste-perspective: desktop
last-modified: Fri, 18 Nov 2016 20:07:58 GMT
server: Haste
etag: "b642-54198dcc6390a"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 9
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 290165_sajam-26032018-00025_sq-s.jpg
glossy.espreso.rs/data/images/2020/04/19/10/ 47 KB
48 KB 66ms
65ms Image
image/jpeg 185.80.70.15
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.rs/data/images/2020/04/19/10/290165_sajam-26032018-00025_sq-s.jpg
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.70.15 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: e2b4062717b16533e4e3adc94476fd27c637c0f899a059c753963a875e9bcb8d

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:34:05 GMT
age: 414
x-haste-cache: HIT
status: 200
x-haste-debug-backend: storyZP
x-haste-node: cache-zp2.itplatforma.com
x-backend-server: story-app3 time for request D=1992
content-length: 48464
x-haste-perspective: desktop
last-modified: Sun, 19 Apr 2020 08:22:16 GMT
server: Haste
etag: "bd50-5a3a07afa3818"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 19
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 198 KB
60 KB 51ms
17ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8e46506e613d4f72737c564485929b84&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41b732d5f2f8e4dc9e1380eceaf1122daaa4ad8db518461bc58cc180741b4213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glossy.espreso.rs/
Origin: https://glossy.espreso.rs

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HSRPLnD7PH34NEE8h3QAoQ==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=3600
content-length: 61067
etag: "10f45ee1de62da0fdcf8ccb552ab6095"
x-fb-debug: aBbMWsWCITMeaDj/Pv2x8OsgO7eWomJhka6ETNh4w+rmKz8cZOgkrdZkCtAEQLjwXIDPxJioqa901GYKD70BnQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: dd9a5fb53af7ade3e0c4b9c5c3a67851
x-frame-options: DENY
date: Sat, 06 Jun 2020 22:41:00 GMT, Sat, 06 Jun 2020 22:41:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sun, 06 Jun 2021 21:14:34 GMT

GET
H2 200 rexdot.js Show response
gars.hit.gemius.pl/_1591483260053/ 169 B
436 B 42ms
41ms Script
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/_1591483260053/rexdot.js?l=100&id=coWb8sNv5MIlVbnuKP6poYZiP6MpfzuOSRo2NHH_FjT.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-120&fv=-&href=https%3A%2F%2Fglossy.espreso.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=158&lsdata=l.yAcW2YY7TnBkzosfTbp7V7IVql842oqK4U9CHWypb.I7VPs2yyWrKh_y0M1CTE2PdvhGb2qzoowx_7t4xq_3uQhHe3/H0pz2pc2vSU8k/&fpdata=BIHA3RuLRSLTvQLWwFtEKFu4J1pT9Fu9aLEuUNPBKqD.T7&vis=1
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: 4406aa79613eb6209a3a7bb25a9f0475d048c377267d52d182013b0df9bf72de

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Fri, 05 Jun 2020 22:41:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 97 KB
18 KB 23ms
8ms XHR
application/json 2600:9000:20eb:ee00:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:ee00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbf81561c83bed63934df4870bfe8861e1c650f74867f54b56c753bbb817208d

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 16:10:27 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 196234
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 04 Jun 2020 16:01:32 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: sChpTtuwyDzMDlpJJPZesB71QJtZEoTO
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfd.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: zkE1FnyllC4RsO16nnpgVA4gxsIrJVfuWPk14Xzwrw9gQPuAnyUFQg==

GET
H2 200 push.js Show response
cdn.pushpushgo.com/scripts/5ed6423d02306d22465a64c9/ 56 KB
14 KB 35ms
35ms Script
application/javascript 51.83.214.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushpushgo.com/scripts/5ed6423d02306d22465a64c9/push.js
Requested by: Host: cdn.pushpushgo.com
URL: https://cdn.pushpushgo.com/js/5b8d17a8f446bb000b381dd8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.214.237 , France, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-51-83-214.eu
Software: nginx /
Resource Hash: 5571e9a2f1adbd4a76fee172ae975ca68f2d5b0740a1b943c518801c27696ce9

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:00 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 12:16:51 GMT
server: nginx
etag: "5ed64333-35a0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=86400
content-length: 13728
expires: Sun, 07 Jun 2020 22:41:00 GMT

GET
H2 200 beacon.js Show response
cdn.pushpushgo.com/scripts/5ed6423d02306d22465a64c9/ 11 KB
4 KB 56ms
55ms Script
application/javascript 51.83.214.237
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pushpushgo.com/scripts/5ed6423d02306d22465a64c9/beacon.js
Requested by: Host: cdn.pushpushgo.com
URL: https://cdn.pushpushgo.com/js/5b8d17a8f446bb000b381dd8.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.214.237 , France, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-51-83-214.eu
Software: nginx /
Resource Hash: 9684f8257b47acd78e4e573d0418203aafed712f50f0e067b500f08be5a68d11

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:00 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 12:16:50 GMT
server: nginx
etag: "5ed64332-dc7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=86400
content-length: 3527
expires: Sun, 07 Jun 2020 22:41:00 GMT

GET
H2 200 CookieAccess Show response
apis.quantcast.mgr.consensu.org/ 18 B
267 B 84ms
35ms XHR
application/json 52.58.64.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.64.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-64-30.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:00 GMT
server: awselb/2.0
status: 200
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://glossy.espreso.rs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18

GET
H2 200 /
www.kurir.rs/news_widget_amc/ Frame 7576 0
0 97ms
30ms Document
text/html 51.15.154.185
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.rs%2F
Requested by: Host: pym.nprapps.org
URL: https://pym.nprapps.org/pym.v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.154.185 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash

Request headers

:method: GET
:authority: www.kurir.rs
:scheme: https
:path: /news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.rs%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://glossy.espreso.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glossy.espreso.rs/

Response headers

status: 200
date: Sat, 06 Jun 2020 22:40:37 GMT
vary: Accept-Encoding
content-encoding: gzip
x-backend-server: kurir-app4 time for request D=5267
content-type: text/html; charset=UTF-8
server: Haste
x-haste-cacheable: YES
expires: 0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-perspective: desktop
age: 22
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr1.itplatforma.com
x-haste-cache: HIT
x-haste-hits: 1
accept-ranges: bytes
content-length: 6107

GET
H2 200 icons.png
cdn.pushpushgo.com/scripts/5ed6423d02306d22465a64c9/assets/ 1 KB
1 KB 34ms
33ms Image
image/png 51.83.214.237
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pushpushgo.com/scripts/5ed6423d02306d22465a64c9/assets/icons.png
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.214.237 , France, ASN16276 (OVH, FR),
Reverse DNS: ip237.ip-51-83-214.eu
Software: nginx /
Resource Hash: 03879b269bbb5e2e48d1682398523475c16120d95b1a5efa55ff1133ae6ca6e3

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:00 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 12:16:52 GMT
server: nginx
etag: "5ed64334-4a8"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=86400
content-length: 1192
expires: Sun, 07 Jun 2020 22:41:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 16ms
16ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1864170247150479&ev=fb_page_view&dl=https%3A%2F%2Fglossy.espreso.rs%2F&rl=&if=false&ts=1591483260185&sw=1600&sh=1200

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:00 GMT, Sat, 06 Jun 2020 22:41:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 06 Jun 2020 22:41:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 34ms
11ms Script
application/x-javascript 2600:9000:2182:aa00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:aa00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:15:29 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 1531
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: s0Y_PmHgjweOClb4T0JzADEib1A8P1cWSTUeiEXo16JjKd9CVtAyRQ==
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
expires: Sun, 07 Jun 2020 00:15:29 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 154 KB
31 KB 458ms
458ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1934491211058556&correlator=2964507030764335&output=ldjh&impl=fifs&adsid=NT&eid=21066269%2C21066322&vrg=2020060103&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200606&iu_parts=338515395%2Cglossy%2Cglossy_desk_id1%2Cglossy_desk_id2%2Cglossy_desk_id3%2Cglossy_desk_id4&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%2C970x500%7C998x90%7C998x180%7C998x250%7C998x500%7C970x180%7C970x250%2C300x250%7C300x600%2C300x600%7C300x250&cust_params=glossy_espreso_pages%3Dhome%26r%3D7%26r2%3D8&cookie_enabled=1&bc=31&abxe=1&lmt=1591483260&dt=1591483260473&dlt=1591483259045&idt=867&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933%2C-12245933&adks=2341537960%2C2049153674%2C437793788%2C1605551008&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fglossy.espreso.rs%2F&dssz=47&icsg=12724736&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C960x0%7C300x0%7C300x0&msz=0x-1%7C960x500%7C300x250%7C300x600&ga_vid=596600070.1591483260&ga_sid=1591483260&ga_hid=746903121&fws=128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

2652080374a5fe854650d14440bcfd18326eaeace3ff41ee2d6ef77560017a9b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnwo5Oh7ukCFY3ydwodLY4Ffg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfwo5Oh7ukCFY3ydwodLY4Ffg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLnwo5Oh7ukCFY3ydwodLY4Ffg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html,child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLfwo5Oh7ukCFY3ydwodLY4Ffg&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Logo_GpaSiriusSingleIframe.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
google-creative-id: -2,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29672
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Sat, 06 Jun 2020 22:41:00 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://glossy.espreso.rs
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 29ms
14ms Other
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 27ms
7ms Other
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
487 B 56ms
18ms XHR
text/html 143.204.94.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1591483260498;Adria%20Media%20d.o.o.;https%3A%2F%2Fglossy.espreso.rs%2F;;;;;p,off,true,,1,en,34,205,true,false,false;displayConsentUi:mandatory,;GDPR-x17pcug4gf2n4n95z7uc
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-popup.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.94.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-101.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 06:11:55 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
vary: Origin
age: 59346
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: FxCEZ5cL0avLYIcE3fAIxE2OKO1SNufsBFgwAiQZh0ROdWc2NjAgxQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 351ms
116ms Image
image/gif 34.196.57.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=glossy.espreso.rs&p=%2F&u=JotQTBQJgL2nqria&d=glossy.espreso.rs&g=54177&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10495&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1699&t=CKyxAgCSC7rnD-ULpnCaIaS4DW9hAM&V=120&i=Glossy&tz=-120&sn=1&sv=Co-IM1D6zpRTCjgd5U0K1adeBva6&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.57.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-57-87.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 06 Jun 2020 22:41:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 container.html
91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6DF9 0
0 7ms
6ms Document
text/html 2a00:1450:4001:821::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://glossy.espreso.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glossy.espreso.rs/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Sat, 06 Jun 2020 22:41:00 GMT
expires: Sun, 06 Jun 2021 22:41:00 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fafeba3a752db5f2192dded348b290fe87005475cde47ef5867c8a347842fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591376860604238"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27925
x-xss-protection: 0
expires: Sat, 06 Jun 2020 22:41:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ Frame 8296 202 KB
56 KB 76ms
6ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3268
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56265
x-xss-protection: 0
server: sffe
date: Sat, 06 Jun 2020 21:46:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9b3afaa85c48c2d0"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jun 2021 21:46:33 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 8296 16 KB
6 KB 89ms
19ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52790
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
server: sffe
date: Sat, 06 Jun 2020 08:01:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7c581cea2ef0aefe"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jun 2021 08:01:11 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 8296 97 KB
29 KB 87ms
17ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3277
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29929
x-xss-protection: 0
server: sffe
date: Sat, 06 Jun 2020 21:46:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22e1efecde29c9e4"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jun 2021 21:46:24 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 8296 4 KB
2 KB 86ms
16ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52778
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1719
x-xss-protection: 0
server: sffe
date: Sat, 06 Jun 2020 08:01:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc4637e8702685f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jun 2021 08:01:23 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005262159000/v0/ Frame 8296 48 KB
15 KB 85ms
15ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 52790
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14997
x-xss-protection: 0
server: sffe
date: Sat, 06 Jun 2020 08:01:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "de17760b9f621603"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jun 2021 08:01:11 GMT

GET
DATA 200
OK truncated
/ Frame 8296 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bf819aacb0f67a199f991ff2c3869f6205b192fa97219b0dba84ab95e1a84b5

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012005262159000/ 20 KB
7 KB 79ms
13ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005262159000/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 820
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
server: sffe
date: Sat, 06 Jun 2020 22:27:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f6cfa2ba62463627"
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Jun 2021 22:27:21 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
841 B 57ms
34ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1934491211058556&r=300x250%7C300x600&w=300&h=600&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10989408405276259949
tpc.googlesyndication.com/simgad/ Frame 8296 96 KB
96 KB 8ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10989408405276259949?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkE37qvzDs3NK01TQo1ts26UjmdxA

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

876a0672ad905dd7e5b66203cf59f9874f077a103568a030cb9786c7afb167bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 08:26:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2020 16:28:42 GMT
server: sffe
age: 224082
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98492
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:26:19 GMT

GET
H2 200 sr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8296 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/sr.png

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740981e13ae6d521bd5893d76539e47822919cdf4f1a99841b3d9e5e16b9497f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 11:03:54 GMT
x-content-type-options: nosniff
server: cafe
age: 41827
etag: 114314232294822369
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2855
x-xss-protection: 0
expires: Sun, 07 Jun 2020 11:03:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8296 344 B
456 B 7ms
6ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 11:09:01 GMT
x-content-type-options: nosniff
server: cafe
age: 41520
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 07 Jun 2020 11:09:01 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8296 0
0 58ms
57ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzqHefBvcXrjCII3l3wOtnJbwB4L0q79d4eD43asLv-EeEAEg8_CkRmD1lc6B4ASgAZ-kvLoCyAEC4AIAqAMByAMIqgTiAU_Qix9U1ascuxbVmNmZyHhzg6PxDC-5H0aHwZXPwVtnfB1Nxyzfd4_fNzapLvLcJTk72xxTHl8i9Dh3j-3yM8B2TOSUycw6YPDTk-qQh0aLnX7g4MNt7IhkA5HxfHHSTeAqb7KD5lwwRxaXlqvXdtH0AwVKT1bWXrzSzvGdMzqzUXmGimZkiG0kZx7vSGiCbEUCsXhf29Algu_0tCNIpZs2bDAJiBzgVhW1rybh94INYeEZNHDYBTVG07K4EYIU-Tqd7_RLn2wnckq6JvtSHE9XFZQDeNPc6AduOOodzmwkJpLABLC0itn7AuAEAZIFBAgEGAGSBQQIBRgEoAYCgAfLodHFAagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD0lwTSCAcIgGEQARgdgAoDyAsB2BMM&sigh=O0rXtr1WbVg&tpd=AGWhJmty8Ds-Ef1qVEIiubHd9GAmnl7sEYzFtqTnCaSOT7VL1Q
Requested by: Host: glossy.espreso.rs
URL: https://glossy.espreso.rs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 56ms
34ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020060103&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdcbd7bc3906f0d6b5d40875500870ef2eaad8216e3140b9c01680f9da1fa180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 22:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5557
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020060103.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 06 Jun 2020 22:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5456
x-xss-protection: 0
expires: Sat, 06 Jun 2020 22:41:01 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8296
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Sat, 06 Jun 2020 22:41:01 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 97AC 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://glossy.espreso.rs/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://glossy.espreso.rs/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sat, 06 Jun 2020 22:27:53 GMT
expires: Sun, 06 Jun 2021 22:27:53 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 788
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 10989408405276259949
tpc.googlesyndication.com/simgad/ Frame 8296 96 KB
96 KB 6ms
5ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10989408405276259949?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkE37qvzDs3NK01TQo1ts26UjmdxA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

876a0672ad905dd7e5b66203cf59f9874f077a103568a030cb9786c7afb167bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Jun 2020 08:26:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2020 16:28:42 GMT
server: sffe
age: 224082
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98492
x-xss-protection: 0
expires: Fri, 04 Jun 2021 08:26:19 GMT

GET
H2 200 sr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8296 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/sr.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740981e13ae6d521bd5893d76539e47822919cdf4f1a99841b3d9e5e16b9497f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 11:03:54 GMT
x-content-type-options: nosniff
server: cafe
age: 41827
etag: 114314232294822369
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2855
x-xss-protection: 0
expires: Sun, 07 Jun 2020 11:03:54 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8296 344 B
401 B 8ms
7ms Image
image/png 2a00:1450:4001:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Jun 2020 11:09:01 GMT
x-content-type-options: nosniff
server: cafe
age: 41520
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sun, 07 Jun 2020 11:09:01 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020060103&jk=1934491211058556&bg=!nJ-ln4dYeQtJvYnL5PgCAAAAW1IAAAASmQF5x8X4S46KY5WNtgrixzZfjPwfrqbQczHjwLdQWbooGVba68APgszTsFofaB6ghsCNJG3hzxrmaPX2AuiNvx015hBfcsPnHe0T0y4jOg8KXqyhQ-2TAs3O8wYUy3JS7hN5GX9lmw4lUkamVcbTDgsa5ZjQKrmrKS14rg0Gh0UUC-iDwsbzO6Cy-gX8wFRjBxrQ6Lo2gPgxEl9nl6PbJiswwvmoUIMVgMkWEPqNbfdgTWx5-8id9bnQxgcVwR966g7NrXHkh1q0OKuTXmz94-cXmldMn9HUqWBa-gbb-pnfpSV956qfb7zbXrLB1vqfFscFg98prxXLg5g66TTQiGLP-D_28u6oEcogpd9yo1HqNoBts6L9zbA3AxP_mCMjVVRa9cxlSicm44AX8kDUcINighPiD4fb_ZK5mrpQG5kDAZ5NYZcSvp6cpbxcW8OVsjhlUgnWpcDNJEnF1jomrYrFrL_DQGvp3HxnstMc6VoOZak6C9nrBkID8Zc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8296 42 B
112 B 15ms
14ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2zaOV4RAsDPcVrurEWpYMWFUpyd4PbnB1pSrF39Tii39JlXQQcbItBO6ogG3zzbnvq8-tBddkGBx7osGlV0r93kB-oA4wb151llPcSo3mU2Ojj3NalACW1v8&sai=AMfl-YQZeZuaH4-iZk0_8k0Qt-1jCVUdkchVBJHhxiUT8ydIzxBu_Bto-tLrakGQxs3_alJCSppO2Wqg0dewn609DhxHV3SAMbl4sCqIZfgesw&sig=Cg0ArKJSzCcmWGBWjLl_EAE&id=ampim&o=980,835&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=124&tls=1125&g=60.83333492279053&h=60.83333492279053&tt=1125&r=v&avms=ampa&adk=437793788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Jun 2020 22:41:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 117ms
116ms Image
image/gif 34.196.57.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=glossy.espreso.rs&p=%2F&u=JotQTBQJgL2nqria&d=glossy.espreso.rs&g=54177&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=11551&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1699&t=CKyxAgCSC7rnD-ULpnCaIaS4DW9hAM&V=120&tz=-120&sn=2&sv=Co-IM1D6zpRTCjgd5U0K1adeBva6&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.57.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-57-87.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 06 Jun 2020 22:41:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 119ms
118ms Image
image/gif 34.196.57.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=glossy.espreso.rs&p=%2F&u=JotQTBQJgL2nqria&d=glossy.espreso.rs&g=54177&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.5&x=0&m=0&y=11551&o=1600&w=1200&j=45&R=0&W=0&I=1&E=5&e=0&r=&b=1699&t=CKyxAgCSC7rnD-ULpnCaIaS4DW9hAM&V=120&tz=-120&sn=3&sv=Co-IM1D6zpRTCjgd5U0K1adeBva6&sd=1&im=067b2ff3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.57.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-57-87.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://glossy.espreso.rs/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Sat, 06 Jun 2020 22:41:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
glossy.espreso.rs/	1969-12-31 23:59:59	Name: X-Proxy-To Value: story-app3
.espreso.rs/	1970-01-20 10:04:43	Name: __gfp_64b Value: BIHA3RuLRSLTvQLWwFtEKFu4J1pT9Fu9aLEuUNPBKqD.T7
.hit.gemius.pl/	1970-01-20 23:13:55	Name: Gdyn Value: Klx-oMaGQMGGKruJAqAwsU9WssGM21hoLvnxGsRP5C7BGKGGqCjjLGbsleX2GQL7SJscaK_1GLGHFXVWwdLMLbGrZr6Ii9_1sG..
.espreso.rs/	1970-01-19 10:04:43	Name: _gat_tstTracker Value: 1
.espreso.rs/	1970-01-19 10:04:43	Name: _gat Value: 1
glossy.espreso.rs/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
.espreso.rs/	1970-01-19 10:06:09	Name: _gid Value: GA1.2.662261388.1591483260
.espreso.rs/	1970-01-20 03:35:55	Name: _ga Value: GA1.2.596600070.1591483260

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://glossy.espreso.rs/resources/js/main-v-1586975183397.js(Line 2) Message: test
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v34/cmpui-popup.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	info	URL: https://cdn.ampproject.org/rtv/012005262159000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005262159000 https://glossy.espreso.rs/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91415594e8fc9940625f5401baab5df1.safeframe.googlesyndication.com
adrs.hit.gemius.pl
adservice.google.com
adservice.google.de
alt.adocean.pl
alt.hudb.pl
apis.quantcast.mgr.consensu.org
audit.quantcast.mgr.consensu.org
cdn.ampproject.org
cdn.pushpushgo.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gars.hit.gemius.pl
glossy.espreso.rs
googleads.g.doubleclick.net
ls.hit.gemius.pl
pagead2.googlesyndication.com
ping.chartbeat.net
pym.nprapps.org
quantcast.mgr.consensu.org
rs.adocean.pl
rs.hit.gemius.pl
securepubads.g.doubleclick.net
static.chartbeat.com
static.quantcast.mgr.consensu.org
stats.g.doubleclick.net
tpc.googlesyndication.com
vendorlist.consensu.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.kurir.rs
13.226.159.98
137.74.0.158
143.204.94.101
149.202.217.129
172.217.16.130
185.80.70.15
2600:9000:20eb:ee00:1:af78:4c0:93a1
2600:9000:2182:7000:9:46dc:4700:93a1
2600:9000:2182:aa00:18:1fcd:34e:d2a1
2600:9000:21f3:2000:9:46dc:4700:93a1
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:815::2001
2a00:1450:4001:816::2003
2a00:1450:4001:819::2002
2a00:1450:4001:81a::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2004
2a00:1450:4001:821::2001
2a00:1450:4001:821::200a
2a00:1450:400c:c00::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.196.57.87
51.15.154.185
51.83.214.237
52.58.64.30
54.37.141.149
87.237.206.236
03879b269bbb5e2e48d1682398523475c16120d95b1a5efa55ff1133ae6ca6e3
047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0bfdb3415b15fb4db892a5dbcba8e733c8ebf1516e0c4a07550e0dfec289431e
0ebc1d9b25f820aee8d4a9fef1e1e90701049d96d4d1a298e743788b897d63d3
0f914deb079edf8b702c256509ffc3cec07ee26e7ed0c966623a67f2e0be43c7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b419b27f584228b9a0d66f67e6ceb9ce33834f5c3857bd66c905101d5bd92af
22e4f01acfaeb61723ad4e53133730714aef32395c884165ad428a74b032dec7
2556a24c3debdcec560a1583f8efedc81d106113b440f9aa81e1bd371f9e2f01
2652080374a5fe854650d14440bcfd18326eaeace3ff41ee2d6ef77560017a9b
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
37b8e87c76f63fdd30214c4f93350b387076cba53d0c5cd52fd2059ee645ba41
3bf819aacb0f67a199f991ff2c3869f6205b192fa97219b0dba84ab95e1a84b5
3c1bae5a6cdf8518ff970d16278709367d21a2b0c04ca68ae3992b02af9b8e68
3fbf70737de6059ba779936f7e000913355d5cc0eb7148d0f045e00e69c4a514
41b732d5f2f8e4dc9e1380eceaf1122daaa4ad8db518461bc58cc180741b4213
4406aa79613eb6209a3a7bb25a9f0475d048c377267d52d182013b0df9bf72de
4c4dc2f72703e588d57aa82fd323420635b14ca3f887aac4b27e65bef411343e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5571e9a2f1adbd4a76fee172ae975ca68f2d5b0740a1b943c518801c27696ce9
6422145b2ac84f0f03371cc3513a884aeede1e21da30622841227209aa95e401
6b009637beabb9f494ef15cf6c4303652428789993effe3911dbac52d55d516b
6b1adb81e6eef0e62316c8d65a241d0becfd09c40216553791c5448af29b88d7
6b6a669f97718beb3f015ff913fcaf0a0aca44dc3f535bac78f852be24fa8d8a
6bb0540836bda375faedd83d62ef3d037385df6749a5fc3f69df3a1dabb362a0
6c8f94bcec873eaa3d72b1d5d3173e92e6957e88d05d324ee0f1bcf30f6a674c
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
7281df0fc37f02952ecbff4b9f47640a7f193aac19c97f89e3e276b20d47e454
740981e13ae6d521bd5893d76539e47822919cdf4f1a99841b3d9e5e16b9497f
756f04f759e2eec9e00ca613b30488be31c304b33b395846054af84dcdd0bc3f
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
876a0672ad905dd7e5b66203cf59f9874f077a103568a030cb9786c7afb167bf
8c5a62c74692dd5d707767c763842fa3a199c5d50b526f2a138747af21ba6202
8fafeba3a752db5f2192dded348b290fe87005475cde47ef5867c8a347842fdd
9124c7fc5ce15bd2e58825b6c1a6ab7fd2b4822535315dec165675c22028017e
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
9684f8257b47acd78e4e573d0418203aafed712f50f0e067b500f08be5a68d11
9aae8dacafa5856ab91d8632a1a45d7034bc2e538cf52837fe1a8973c2f44177
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9b72dd7e2a01859f433e7aee18008c9b522f0b2e0396d5656edd9fb29a305cdb
9b9ec23927af3899f6025c379c49c96175b2f4ac55e7b5ac8f03305711a6ad7f
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
a90f849105cbc198aa3e1f2fa4862fd5cbb78d4ad218da629cb033da7cf29c9d
ab9dd56193f11d93cba7de8d8c509f8f186267217e9f78ccce38bc1fd1433cc0
acc49181c1159411dedea76bfc96b1036404bce43a74fdf359639145abe444ab
ae9a4cb28029fecf8f9a50d23d19dc51186f14880768528c8541807615d34327
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b576c41d0ae773b72ec8a76cbd5e33642d7ea73d1fbf3c4884204aaa808cd6c3
b640b9af1e6fa5c035c168701d2c1f5a02f371352cca208fefded3ddea443b6a
b7a580835e59bad7481527ebaf08ca3a959177c48c63d60ef5cdb2e12e8f470e
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
bbf81561c83bed63934df4870bfe8861e1c650f74867f54b56c753bbb817208d
bdcbd7bc3906f0d6b5d40875500870ef2eaad8216e3140b9c01680f9da1fa180
bfe6cf8ec00d0ff9673fef483a2fab0f9aeea6ea078eb9e42b4fbfc96777d1d6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02b246a58f6f371252fea08130fea2d5043a3d8e2b46b475361d34a25c3d2b2
d6d94fb2902a0fa1ef1778e65b2de737f043cd1d6abcfabe4a8fcf1c9bfaed90
d8272741b8dd0aa90f124950007e4f3ec75ec4f27e8e35cb3a7f961a38b2c402
e23b80d9a06ca62504349df49bf78ab5b24583cacdd7a57843c244ce833b3564
e2b4062717b16533e4e3adc94476fd27c637c0f899a059c753963a875e9bcb8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f48155f11a2ab68fe1544f625c5692d20863eedb6ae86b09d68503c7181e213b
f66894df73715866eab1ce1ef61b102039652edb12e089afd58457a2029fd21a

glossy.espreso.rs Open in urlscan Pro 185.80.70.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

99 %HTTPS

60 %IPv6

21 Domains

35 Subdomains

29 IPs

7 Countries

1519 kBTransfer

3385 kBSize

8 Cookies

20 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

glossy.espreso.rs Open in urlscan Pro
185.80.70.15 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

99 %
HTTPS

60 %
IPv6

21
Domains

35
Subdomains

29
IPs

7
Countries

1519 kB
Transfer

3385 kB
Size

8
Cookies

90 HTTP transactions
2 data transactions