glossy.espreso.co.rs Open in urlscan Pro
185.80.68.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://glossy.espreso.rs/
Effective URL:
https://glossy.espreso.co.rs/
Submission Tags: falconsandbox
Submission: On February 11 via api (February 11th 2022, 6:49:50 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 67 HTTP transactions. The main IP is 185.80.68.6, located in Serbia and belongs to PROVIDUS-AS, RS. The main domain is glossy.espreso.co.rs. The Cisco Umbrella rank of the primary domain is 434063.
TLS certificate: Issued by R3 on December 25th 2021. Valid for: 3 months.

This is the only time glossy.espreso.co.rs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	185.80.68.6 185.80.68.6	43191 (PROVIDUS-AS) (PROVIDUS-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	185.80.68.11 185.80.68.11	43191 (PROVIDUS-AS) (PROVIDUS-AS)
5	2600:9000:231... 2600:9000:2315:3e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	87.237.206.236 87.237.206.236	51859 (MNSHA-AS) (MNSHA-AS)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	99.84.88.80 99.84.88.80	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:d000:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:c400:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.226.221.131 54.226.221.131	14618 (AMAZON-AES) (AMAZON-AES)
7	51.159.89.0 51.159.89.0	12876 (Online SAS) (Online SAS)
1	2600:9000:231... 2600:9000:2315:2200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	34.235.189.191 34.235.189.191	14618 (AMAZON-AES) (AMAZON-AES)
1	51.15.154.187 51.15.154.187	12876 (Online SAS) (Online SAS)
67	23

19 185.80.68.6 (Serbia) 1 redirects

ASN43191 (PROVIDUS-AS, RS)

glossy.espreso.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
glossy.espreso.co.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.68.11 (Serbia)

ASN43191 (PROVIDUS-AS, RS)

www.adriamediacontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2315:3e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.237.206.236 (Serbia) 1 redirects

ASN51859 (MNSHA-AS, RS)

gars.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-80.muc50.r.cloudfront.net

pym.nprapps.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d000:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.226.221.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-221-131.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.159.89.0 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: www.kurir.rs

www.kurir.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:2200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.189.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-189-191.compute-1.amazonaws.com

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.154.187 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: www.espreso.rs

www.espreso.co.rs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	espreso.co.rs glossy.espreso.co.rs — Cisco Umbrella Rank: 434063 www.espreso.co.rs — Cisco Umbrella Rank: 252046	626 KB
8	gstatic.com fonts.gstatic.com	246 KB
7	kurir.rs www.kurir.rs — Cisco Umbrella Rank: 161829	270 KB
7	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040 test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726 audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863	172 KB
5	gemius.pl 1 redirects gars.hit.gemius.pl — Cisco Umbrella Rank: 102686 ls.hit.gemius.pl — Cisco Umbrella Rank: 13343	15 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 67	147 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	adriamediacontent.com www.adriamediacontent.com — Cisco Umbrella Rank: 239300	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	386 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6342	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	501 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 770	602 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1099	201 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 829	10 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	nprapps.org pym.nprapps.org — Cisco Umbrella Rank: 22646	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	espreso.rs 1 redirects glossy.espreso.rs	94 B
67	19

	Domain	Requested by
18	glossy.espreso.co.rs	glossy.espreso.co.rs
8	fonts.gstatic.com	fonts.googleapis.com
7	www.kurir.rs	pym.nprapps.org www.kurir.rs
5	quantcast.mgr.consensu.org	glossy.espreso.co.rs quantcast.mgr.consensu.org
4	gars.hit.gemius.pl	1 redirects glossy.espreso.co.rs gars.hit.gemius.pl
3	www.google-analytics.com	glossy.espreso.co.rs www.google-analytics.com
3	www.adriamediacontent.com	glossy.espreso.co.rs www.adriamediacontent.com
3	securepubads.g.doubleclick.net	glossy.espreso.co.rs securepubads.g.doubleclick.net
2	www.facebook.com	glossy.espreso.co.rs
2	connect.facebook.net	glossy.espreso.co.rs connect.facebook.net
1	www.espreso.co.rs	glossy.espreso.co.rs
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	www.google.de	glossy.espreso.co.rs
1	www.google.com	glossy.espreso.co.rs
1	rules.quantcount.com	secure.quantserve.com
1	ping.chartbeat.net	glossy.espreso.co.rs
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gars.hit.gemius.pl
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	static.chartbeat.com	glossy.espreso.co.rs
1	pym.nprapps.org	glossy.espreso.co.rs
1	fonts.googleapis.com	glossy.espreso.co.rs
1	glossy.espreso.rs	1 redirects
67	24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
sensa.mondo.rs
www.kurir.rs
www.elle.rs
www.lepaisrecna.rs
www.newsweek.rs
www.lovesensa.rs
www.nationalgeographic.rs
www.stvarukusa.rs
www.yumama.com
www.wanted.rs
www.espreso.co.rs
www.navidiku.rs

Subject Issuer	Validity	Valid
espreso.rs R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.adriamediacontent.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-21` - `2022-02-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
pym.nprapps.org Amazon	`2021-05-06` - `2022-06-04`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.kurir.rs Sectigo RSA Domain Validation Secure Server CA	`2021-10-05` - `2022-10-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://glossy.espreso.co.rs/
Frame ID: D4CF9CEF51DACF65DC000C7BDA2FA417
Requests: 59 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 348205F406C7217BC196D5B7FBA500F0
Requests: 1 HTTP requests in this frame

Frame: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Frame ID: 664F0DDB4E09CCAAE53F17EC15052D10
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Glossyicon-arrowicon-closeicon-commentsicon-galleryicon-nexticon-previcon-searchicon-totopglossy_logosoc-commentsoc-fbsoc-gplussoc-inssoc-mailsoc-rsssoc-twittersoc-vibersoc-wupsoc-yt

Page URL History Show full URLs

http://glossy.espreso.rs/ HTTP 301
https://glossy.espreso.co.rs/ Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

67
Requests

99 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

23
IPs

5
Countries

1658 kB
Transfer

3402 kB
Size

14
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/glossy.rs/

Search URL Search Domain Scan URL

URL: https://twitter.com/glossy_rs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdyMbH4JckymM38HzUugwsA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/glossy_rs/

Search URL Search Domain Scan URL

URL: https://sensa.mondo.rs/budjenje-duse/srecan-zivot/a35453/15-afirmacija-za-privlacenje-ljubavi-na-Dan-zaljubljenih.html?utm_source=glossy&utm_medium=web_home&utm_campaign=adria_internal

Search URL Search Domain Scan URL

URL: https://www.kurir.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.elle.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.lepaisrecna.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.newsweek.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.lovesensa.rs/

Search URL Search Domain Scan URL

URL: http://www.nationalgeographic.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.stvarukusa.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.yumama.com/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: http://www.wanted.rs/?utm_source=glossy&utm_campaign=footer_link&utm_medium=link

Search URL Search Domain Scan URL

URL: https://www.espreso.co.rs/?internal_campaign=glossy_footer_link

Search URL Search Domain Scan URL

URL: https://www.navidiku.rs/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://glossy.espreso.rs/ HTTP 301
https://glossy.espreso.co.rs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://gars.hit.gemius.pl/_1644605385951/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=201&lsdata=M0hw0UMfb3HN_GkChGVcvqAvb0aVBvLxBUmj8Xw0pmr.h7vWPO8wyEK.2pqm3eJV1s2t9GJKSRW9R9DhqgXBexygkGAm/BJfJCR0FdmQ2P/&fpdata=6_Ur9QCYoEGkDdNTOTaaNooJJVRsxld573gw1e9ev0n.67&vis=1&fpcap= HTTP 301
https://gars.hit.gemius.pl/__/_1644605385951/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=201&lsdata=M0hw0UMfb3HN_GkChGVcvqAvb0aVBvLxBUmj8Xw0pmr.h7vWPO8wyEK.2pqm3eJV1s2t9GJKSRW9R9DhqgXBexygkGAm/BJfJCR0FdmQ2P/&fpdata=6_Ur9QCYoEGkDdNTOTaaNooJJVRsxld573gw1e9ev0n.67&vis=1&fpcap=

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
glossy.espreso.co.rs/
Redirect Chain

http://glossy.espreso.rs/
https://glossy.espreso.co.rs/

114 KB
26 KB

98ms
28ms

Document
text/html

185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 8ce6fbc35322bbe9ad338e7ede8bcd287f4ff0af6f24fd5abda05ea196776f17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 11 Feb 2022 18:49:03 GMT
vary: Accept-Encoding
content-encoding: gzip
x-backend-server: glossy-web1 time for request D=47998
content-length: 25752
content-type: text/html; charset=UTF-8
server: Haste
x-haste-cacheable: YES
expires: 0
x-haste-perspective: desktop
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
age: 41
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq2.itplatforma.com
x-haste-cache: HIT
x-haste-hits: 3
accept-ranges: bytes
x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq2--0

Redirect headers

content-length: 0
location: https://glossy.espreso.co.rs/

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 131ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1998b7ba96c5a0c7425c195f106112379e7f1f2c254c1a19808efb52f7b17487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 18:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 18:49:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 18:49:45 GMT

GET
H2 200 main-v-1637670258939.js Show response
glossy.espreso.co.rs/resources/js/ 216 KB
64 KB 28ms
27ms Script
application/javascript 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.co.rs/resources/js/main-v-1637670258939.js
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: a2a7e84e30693db8152b92c109dfd015a8b7bd68072133addb575d90f8d2f09c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:35:22 GMT
content-encoding: gzip
age: 862
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: glossy-web1 time for request D=16697
content-length: 65301
x-haste-perspective: desktop
last-modified: Tue, 23 Nov 2021 13:14:45 GMT
server: Haste
etag: "35f6f-5d174866b0f0a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 315360000, public
x-haste-hits: 39
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-v-1637670258939.css
glossy.espreso.co.rs/resources/css/ 85 KB
16 KB 55ms
54ms Stylesheet
text/css 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.co.rs/resources/css/main-v-1637670258939.css
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: d3eee9e4ebf3283e4e03867700f591840bb9f2d23ba4b957589b0f88381d28c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq2--0
date: Fri, 11 Feb 2022 18:35:22 GMT
content-encoding: gzip
age: 862
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq2.itplatforma.com
x-backend-server: glossy-web1 time for request D=14802
content-length: 15714
x-haste-perspective: desktop
last-modified: Wed, 13 Jan 2021 11:32:19 GMT
server: Haste
etag: "15400-5b8c67dee4b07-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age = 315360000, public
x-haste-hits: 41
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 142ms
55ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

c97bb3ca107ce9dff21b27d98703b6b7e6cd813d252ce8b1afb1bca174ce49fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27174
x-xss-protection: 0
server: sffe
etag: "1128 / 109 of 1000 / last-modified: 1644581193"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Feb 2022 18:49:45 GMT

GET
H2 200 pubjelly.js Show response
www.adriamediacontent.com/js/pubjelly/main/ 42 KB
14 KB 102ms
27ms Script
application/javascript 185.80.68.11
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adriamediacontent.com/js/pubjelly/main/pubjelly.js?pjcbpage=0
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.11 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 3ec5374a644b10bdc31592eafb811f727a57f403125991b5fed36c60ef627ce7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq3.itplatforma.com(185.80.68.11)/http-in/be_cache_varnish/ha-thq3--0
date: Fri, 11 Feb 2022 18:49:26 GMT
content-encoding: gzip
age: 19
x-haste-cache: HIT
x-haste-debug-backend: amcTHQ
x-haste-node: haste-thq3.itplatforma.com
x-backend-server: adria-amc1 time for request D=3849
content-length: 14357
last-modified: Thu, 10 Feb 2022 01:00:57 GMT
server: Haste
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 259200, public
x-haste-hits: 1272
accept-ranges: bytes
x-haste-cacheable: YES

GET
H2 200 logo.svg
glossy.espreso.co.rs/resources/images/svg/ 5 KB
3 KB 29ms
28ms Image
image/svg+xml 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/resources/images/svg/logo.svg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date: Fri, 11 Feb 2022 18:49:40 GMT
content-encoding: gzip
age: 5
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq1.itplatforma.com
x-backend-server: glossy-web1 time for request D=901
content-length: 2249
x-haste-perspective: desktop
last-modified: Wed, 13 Jan 2021 11:32:19 GMT
server: Haste
etag: "14b4-5b8c67dee79e7-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-hits: 8
accept-ranges: bytes
x-haste-cacheable: YES
expires: 0

GET
H2 200 335343_104115632-383297195972730-8367571528555983622-n_po-s.jpg
glossy.espreso.co.rs/data/images/2022/02/11/15/ 54 KB
55 KB 30ms
28ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2022/02/11/15/335343_104115632-383297195972730-8367571528555983622-n_po-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: cf2f7b53c06288ca8c245e434d204eb881d2271d16d6a37193d811026b1f93ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date: Fri, 11 Feb 2022 18:35:22 GMT
age: 862
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq1.itplatforma.com
x-backend-server: glossy-web1 time for request D=1348
content-length: 55704
x-haste-perspective: desktop
last-modified: Fri, 11 Feb 2022 14:29:22 GMT
server: Haste
etag: "d998-5d7bee49cedd6"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 11
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 335344_zaveseshutterstock-622589276_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/02/11/15/ 17 KB
17 KB 30ms
28ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2022/02/11/15/335344_zaveseshutterstock-622589276_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: e7c40e7cbfae5a7e273d42a9fa5dc6496e97757a3d497db3869efa7e5bfc8951

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:49:17 GMT
age: 28
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: glossy-web2 time for request D=1452
content-length: 17326
x-haste-perspective: desktop
last-modified: Fri, 11 Feb 2022 14:51:07 GMT
server: Haste
etag: "43ae-5d7bf325d01ca"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 1
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 335338_andjelinadzoli03_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/02/11/15/ 39 KB
40 KB 30ms
29ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2022/02/11/15/335338_andjelinadzoli03_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: d1c401c18d01ea3cea40a72448c8edd9177cfca769892ec53a07d57a850d1f40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date: Fri, 11 Feb 2022 18:47:10 GMT
age: 155
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq3.itplatforma.com
x-backend-server: glossy-web2 time for request D=1818
content-length: 40001
x-haste-perspective: desktop
last-modified: Fri, 11 Feb 2022 14:19:59 GMT
server: Haste
etag: "9c41-5d7bec3106972"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 2
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy.png
glossy.espreso.co.rs/resources/images/ 936 B
1 KB 63ms
62ms Image
image/png 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/resources/images/lazy.png
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 8c5a62c74692dd5d707767c763842fa3a199c5d50b526f2a138747af21ba6202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:35:23 GMT
age: 862
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: glossy-web1 time for request D=378
content-length: 936
x-haste-perspective: desktop
last-modified: Wed, 13 Jan 2021 11:32:19 GMT
server: Haste
etag: "3a8-5b8c67dee6a47"
content-type: image/png
cache-control: max-age = 315360000, public
x-haste-hits: 45
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/ 4 KB
2 KB 62ms
16ms Script
application/javascript 2600:9000:2315:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/choice.js
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ebf3024d7091007d0635f6f729158fd7168e2af56748254e80a0389f98a4abf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 11 Feb 2022 18:49:41 GMT
content-encoding: br
last-modified: Tue, 17 Aug 2021 12:38:05 GMT
server: AmazonS3
age: 6
etag: W/"96b796283945e2ce21c582308713cabf"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: szWT7Ol80o-zzVlMrPaOHGFs2DB-ATAeg3drQX9Rd-B47-JyS-30jA==

GET
H2 200 xgemius.js Show response
gars.hit.gemius.pl/ 40 KB
11 KB 134ms
41ms Script
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/xgemius.js
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: fe51695a4ec686cc0bff2f425ec3f773c5be272d63d079eca59f40e8ce23e02f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:45 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 14:56:40 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10837
expires: Sat, 12 Feb 2022 06:49:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
45ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4491
date: Fri, 11 Feb 2022 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 19:34:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 30ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: EfZj2PAsQ33IXmjJrnLyRDAON5UQ0NRjYi/B8zLNrgjHoshs4DFpv0uN1oUTZDOVRkTuPzfSZy2pavjUIvwhEQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 11 Feb 2022 18:49:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 44 KB
44 KB 233ms
139ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 169709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:41:16 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 46 KB
46 KB 215ms
122ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 169709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:41:16 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 29 KB
29 KB 133ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:43:14 GMT
x-content-type-options: nosniff
age: 169591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:43:14 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ 32 KB
32 KB 173ms
81ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 19:38:15 GMT
x-content-type-options: nosniff
age: 169890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 19:38:15 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v16/ 29 KB
29 KB 192ms
105ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:21:51 GMT
x-content-type-options: nosniff
age: 167274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29232
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:21:51 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v16/ 19 KB
19 KB 236ms
157ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bd5d4c222c02f04991874ce321a05428be09b19114a102516db09a28d52b89f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:43:18 GMT
x-content-type-options: nosniff
age: 165987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19108
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:07:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:43:18 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2
fonts.gstatic.com/s/ptserif/v16/ 21 KB
21 KB 223ms
153ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9337bf6da81f33115899dc2e7ae5c50c313a357c46643b52c5bed7db9a88b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 20:43:12 GMT
x-content-type-options: nosniff
age: 165993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:15 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 20:43:12 GMT

GET
H2 200 322513038446696 Show response
connect.facebook.net/signals/config/ 307 KB
88 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/322513038446696?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d25690d08c08f3b223bc3fc14435b9afe19439cf2c04ff8050b12da2997ced23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89239
x-xss-protection: 0
pragma: public
x-fb-debug: feL3RNucr1Fskg1nRH1pgTXTqfEDkykp4eGfEA/6/JLa2Cj+sZZjNrlc0WqvafJjwDq3T/fxBTIlui8jVIts1w==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Feb 2022 18:49:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pym.v1.min.js Show response
pym.nprapps.org/ 9 KB
3 KB 97ms
14ms Script
application/javascript 99.84.88.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pym.nprapps.org/pym.v1.min.js
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-80.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 00:16:57 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2018 16:23:08 GMT
server: AmazonS3
age: 66769
etag: "dfb7091815cbff12a30bfad66911926f"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 48c20cb247b267a59a8191c4d3bd787c.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: MUC50-C1
content-length: 2818
x-amz-cf-id: GhQcLL5HA3bBU8DMQ25TGjVhX83EDWchO2am82EyiJFybBQkYdELzw==

GET
H2 200 network_sprite.svg
glossy.espreso.co.rs/resources/images/footer/ 61 KB
27 KB 32ms
29ms Image
image/svg+xml 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/resources/images/footer/network_sprite.svg?v3.6
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/resources/css/main-v-1637670258939.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 39e110d013cee5277b6be02ea51c5b08319dd79697aa19bd2a191f47d7ca26fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/resources/css/main-v-1637670258939.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date: Fri, 11 Feb 2022 18:48:32 GMT
content-encoding: gzip
age: 73
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq1.itplatforma.com
x-backend-server: glossy-web1 time for request D=12826
content-length: 26575
x-haste-perspective: desktop
last-modified: Wed, 13 Jan 2021 11:32:19 GMT
server: Haste
etag: "f2d0-5b8c67dee6a47-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-hits: 12
accept-ranges: bytes
x-haste-cacheable: YES
expires: 0

GET
H2 200 jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/ 26 KB
26 KB 161ms
161ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0yExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://glossy.espreso.co.rs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:27:15 GMT
x-content-type-options: nosniff
age: 163350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26460
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 21:27:15 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 41ms
8ms Script
application/x-javascript 2600:9000:20eb:d000:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d000:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:03:57 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 6348
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WIGGoQBNW8924LEqoDdgctdKfHz2NJ3pFfJfaqw9M2PWQF5vXwUe2w==
expires: Fri, 11 Feb 2022 19:03:57 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 74ms
10ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:45 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 18 Feb 2022 18:49:45 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 178 KB
43 KB 17ms
16ms Script
text/javascript 2600:9000:2315:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:09 GMT
content-encoding: br
age: 37
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:49 GMT
server: AmazonS3
etag: W/"654a79dfaa26ade386414ddc75ea4b75"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: _jUHl8tnB5IKcNZeq0Ii7-pqCMvrFibSx7-IZ1_oOtIV-rsajq9Ekw==

GET
H2 200 335332_kraljicamaksima_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/02/11/14/ 50 KB
51 KB 28ms
27ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2022/02/11/14/335332_kraljicamaksima_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: e2b6f37a535934d13d20f567f2f5f8c40948458646d73643cebd6898d1360cea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date: Fri, 11 Feb 2022 18:38:17 GMT
age: 688
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq3.itplatforma.com
x-backend-server: glossy-web1 time for request D=1537
content-length: 51650
x-haste-perspective: desktop
last-modified: Fri, 11 Feb 2022 13:01:32 GMT
server: Haste
etag: "c9c2-5d7bdaa756bf2"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 8
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 335328_271629637-407086297876475-402156013970033609-n.webp_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/02/11/14/ 63 KB
63 KB 28ms
27ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2022/02/11/14/335328_271629637-407086297876475-402156013970033609-n.webp_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 08ac255037275d07aab7f5e059a6fb573e59aa5a805e9c61f5a7a2823d1b6402

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date: Fri, 11 Feb 2022 18:35:31 GMT
age: 853
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq1.itplatforma.com
x-backend-server: glossy-web2 time for request D=1188
content-length: 64010
x-haste-perspective: desktop
last-modified: Fri, 11 Feb 2022 12:56:43 GMT
server: Haste
etag: "fa0a-5d7bd993ddd10"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 11
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 194791_amjaaaa_sq-s.jpg
glossy.espreso.co.rs/data/images/2017/11/05/19/ 33 KB
33 KB 54ms
53ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2017/11/05/19/194791_amjaaaa_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 5a7349d9db4dd091d5be132e03e374cede3329ab0cd918f0e146ddd0ac95d531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date: Fri, 11 Feb 2022 18:44:16 GMT
age: 328
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq1.itplatforma.com
x-backend-server: glossy-web1 time for request D=895
content-length: 33644
x-haste-perspective: desktop
last-modified: Sun, 05 Nov 2017 18:45:46 GMT
server: Haste
etag: "836c-55d40bef04a6d"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 3
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 317857_ovakonistepravilidosadnajboljireceptzasarmesa2tajnasastojka640x427_sq-s.jpg
glossy.espreso.co.rs/data/images/2021/03/08/16/ 53 KB
54 KB 53ms
52ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2021/03/08/16/317857_ovakonistepravilidosadnajboljireceptzasarmesa2tajnasastojka640x427_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 48d26cc2842252e4ba6662fdc7baa493c1558e059e2c86b73601ed4505e0f87b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:49:09 GMT
age: 36
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: glossy-web1 time for request D=1037
content-length: 54645
x-haste-perspective: desktop
last-modified: Mon, 08 Mar 2021 15:55:33 GMT
server: Haste
etag: "d575-5bd0876bd6b98"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 1
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 308901_zvezde-granda-26102020-0040_sq-s.jpg
glossy.espreso.co.rs/data/images/2020/10/27/11/ 30 KB
31 KB 55ms
54ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2020/10/27/11/308901_zvezde-granda-26102020-0040_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: a9130bc6cc24f6533c8b31b7d6814967bb76fc236eee4bf10b6c1cd221fc6f9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date: Fri, 11 Feb 2022 18:35:14 GMT
age: 871
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq1.itplatforma.com
x-backend-server: glossy-web2 time for request D=1670
content-length: 30965
x-haste-perspective: desktop
last-modified: Tue, 27 Oct 2020 10:49:23 GMT
server: Haste
etag: "78f5-5b2a4ccc8716c"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 49
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 330176_kimkardasijanprofimedia0559550603_sq-s.jpg
glossy.espreso.co.rs/data/images/2021/10/27/12/ 63 KB
64 KB 54ms
53ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2021/10/27/12/330176_kimkardasijanprofimedia0559550603_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: e1f210cac687ba041cabc5cfc0d7a31f1c2a6b15c63f5c3249a86b68c0cc9193

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:40:17 GMT
age: 568
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: glossy-web1 time for request D=1447
content-length: 64598
x-haste-perspective: desktop
last-modified: Wed, 27 Oct 2021 10:18:41 GMT
server: Haste
etag: "fc56-5cf52eb0970a9"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 31
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 335346_zena-shutterstock-1581641116_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/02/11/17/ 30 KB
30 KB 82ms
81ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2022/02/11/17/335346_zena-shutterstock-1581641116_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 6b601f48ca9d3bec6b3ce12eef3fab7e619630c1ac7558cb2d4024645fb39962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:35:34 GMT
age: 851
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: glossy-web2 time for request D=1383
content-length: 30608
x-haste-perspective: desktop
last-modified: Fri, 11 Feb 2022 16:18:54 GMT
server: Haste
etag: "7790-5d7c06c527937"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 44
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 311701_1732429-anapaunkovic03damirdervisagic-ff_sq-s.jpg
glossy.espreso.co.rs/data/images/2020/11/27/13/ 42 KB
43 KB 106ms
106ms Image
image/jpeg 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glossy.espreso.co.rs/data/images/2020/11/27/13/311701_1732429-anapaunkovic03damirdervisagic-ff_sq-s.jpg
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: f3ab62226a3c4a980d0ad698e4b6d1c23a3f036b9c57466cdf4d5415d9d511fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq2--0
date: Fri, 11 Feb 2022 18:42:05 GMT
age: 460
x-haste-cache: HIT
x-haste-debug-backend: glossyTHQ
x-haste-node: haste-thq2.itplatforma.com
x-backend-server: glossy-web2 time for request D=1455
content-length: 43494
x-haste-perspective: desktop
last-modified: Fri, 27 Nov 2020 12:38:14 GMT
server: Haste
etag: "a9e6-5b515ef28f700"
content-type: image/jpeg
cache-control: max-age = 315360000, public
x-haste-hits: 23
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 check_if_user_is_logged_in Show response
glossy.espreso.co.rs/profil/ 115 B
1 KB 104ms
104ms XHR
text/html 185.80.68.6
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glossy.espreso.co.rs/profil/check_if_user_is_logged_in
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/resources/js/main-v-1637670258939.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Apache /
Resource Hash: 22882a69a2cd613b25bc774dded2d9d71c97bf0677d764e8bd270402a6802688

Request headers

Accept: */*
Referer: https://glossy.espreso.co.rs/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_glossy/glossy-web1--0
pragma: no-cache
date: Fri, 11 Feb 2022 18:49:45 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-backend-server: glossy-web1 time for request D=14029
content-length: 92
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 manifest.js Show response
www.adriamediacontent.com/js/pubjelly/main/noc/ 583 B
803 B 30ms
30ms Script
application/javascript 185.80.68.11
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adriamediacontent.com/js/pubjelly/main/noc/manifest.js?pjcbmanual=456835
Requested by: Host: www.adriamediacontent.com
URL: https://www.adriamediacontent.com/js/pubjelly/main/pubjelly.js?pjcbpage=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.11 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: 6b2d11670cff76fc4afe72ffe4f784af63c5ee6ae3ba2a16c276a2ca9ff80be9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq3.itplatforma.com(185.80.68.11)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:49:28 GMT
content-encoding: gzip
age: 17
x-haste-cache: HIT
x-haste-debug-backend: amcTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: adria-amc1 time for request D=1442
content-length: 327
last-modified: Thu, 10 Feb 2022 01:07:50 GMT
server: Haste
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 3600, public
x-haste-hits: 1747
accept-ranges: bytes
x-haste-cacheable: YES

GET
H2 200 glossyespresocors.js Show response
www.adriamediacontent.com/js/pubjelly/main/cfg/ 2 KB
1 KB 30ms
30ms Script
application/javascript 185.80.68.11
PROVIDUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adriamediacontent.com/js/pubjelly/main/cfg/glossyespresocors.js?pjcbauto=19035
Requested by: Host: www.adriamediacontent.com
URL: https://www.adriamediacontent.com/js/pubjelly/main/pubjelly.js?pjcbpage=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.68.11 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software: Haste /
Resource Hash: f678b874995dad863e64e75ecf95bd11acdc0b498dc398a04d1f2f1149568f93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-thq3.itplatforma.com(185.80.68.11)/http-in/be_cache_varnish/ha-thq4--0
date: Fri, 11 Feb 2022 18:47:08 GMT
content-encoding: gzip
age: 157
x-haste-cache: HIT
x-haste-debug-backend: amcTHQ
x-haste-node: haste-thq4.itplatforma.com
x-backend-server: adria-amc1 time for request D=1708
content-length: 781
last-modified: Fri, 10 Dec 2021 07:01:02 GMT
server: Haste
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age = 604800, public
x-haste-hits: 88
accept-ranges: bytes
x-haste-cacheable: YES

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=322513038446696&ev=PageView&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&rl=&if=false&ts=1644605385734&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.2.1644605385733.2000213079&it=1644605385655&coo=false&exp=p1&rqm=GET

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 11 Feb 2022 18:49:45 GMT

GET
H3 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
119 KB 85ms
39ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Feb 2023 17:50:31 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 75 B
103 B 95ms
48ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=glossy.espreso.co.rs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c31782bff6916a9e48ab67c43f0b9f4794c2dbf8338992aca7f28d6a9cde041e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:49:45 GMT

GET
H2 200 fpdata.js Show response
gars.hit.gemius.pl/ 282 B
395 B 36ms
36ms Script
application/x-javascript 87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/fpdata.js?href=glossy.espreso.co.rs
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: c7e20af98f367fe28dd5bb1ec82941c7774a1c2e5320a657932bd55a35dbf0a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:45 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 282
expires: Sun, 13 Mar 2022 18:49:45 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 3482 5 KB
3 KB 84ms
28ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 07a60e842ddb4218facf1a1932a8342ca6c3bea33fb3b504ec7a9e88d46a6a74

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/

Response headers

date: Fri, 11 Feb 2022 18:49:45 GMT
expires: Sun, 13 Mar 2022 18:49:45 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2720
content-encoding: gzip

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67410988-1&cid=648584937.1644605386&jid=108841022&gjid=1614531134&_gid=1684012757.1644605386&_u=YGBAgEABAAAAAE~&z=349968357

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://glossy.espreso.co.rs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 18:49:45 GMT
content-type: text/plain
access-control-allow-origin: https://glossy.espreso.co.rs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 96ms
48ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2043645301&t=pageview&_s=1&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&ul=en-us&de=UTF-8&dt=Glossy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=842347708&gjid=1852279112&cid=648584937.1644605386&tid=UA-86981738-2&_gid=1684012757.1644605386&_r=1&_slc=1&z=138875444

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://glossy.espreso.co.rs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:49:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://glossy.espreso.co.rs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 88ms
40ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2043645301&t=pageview&_s=1&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&ul=en-us&de=UTF-8&dt=Glossy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=108841022&gjid=1614531134&cid=648584937.1644605386&tid=UA-67410988-1&_gid=1684012757.1644605386&cd1=Naslovna&z=1060491463

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Feb 2022 19:28:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84091
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 9 KB
3 KB 42ms
8ms XHR
application/json 2600:9000:2156:c400:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377

Request headers

Accept: application/json, text/plain, */*
Referer: https://glossy.espreso.co.rs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 03:00:38 GMT
content-encoding: br
age: 56948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 19:52:29 GMT
server: AmazonS3
etag: W/"4b1249837503afcdf64c329aec87b38a"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: wJc6WWcV90znCBTeZs7CxIHimMpQQ1tj
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: Ip2fkcyepzMoD75WiX0VTgvFi9_xVzOIqjGnNJqSRlX9VhjSqbUtZA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 308ms
100ms Image
image/gif 54.226.221.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=glossy.espreso.co.rs&p=%2F&u=CZDlVhCW6Xg7BVqkE9&d=glossy.espreso.co.rs&g=54177&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9914&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=932&t=Cq4qh2D-RZHUHXfEfCnZNOwBqSilS&V=129&i=Glossy&tz=0&sn=1&sv=CTRAeoDRa_evCn2UKZCXhxGEBQGX0H&sd=1&im=067b2fff&_
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.221.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-221-131.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:49:46 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 / Show response
www.kurir.rs/news_widget_amc/ Frame 664F 20 KB
7 KB 304ms
37ms Document
text/html 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Requested by: Host: pym.nprapps.org
URL: https://pym.nprapps.org/pym.v1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: e60627b9984215494a08fe79e5ea12ad6e7850bee20335015b2971ca1bc7215b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/

Response headers

date: Fri, 11 Feb 2022 18:49:05 GMT
vary: Accept-Encoding
content-encoding: gzip
x-backend-server: kurir-web3 time for request D=9120
access-control-allow-origin: *
content-length: 6698
content-type: text/html; charset=UTF-8
server: Haste
x-haste-cacheable: YES
expires: 0
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-perspective: desktop
age: 40
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr1.itplatforma.com
x-haste-cache: HIT
x-haste-hits: 1
accept-ranges: bytes
x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr1--0

GET
H2 200 rules-p-pLW1P-3X_Ppr5.js Show response
rules.quantcount.com/ 147 B
602 B 44ms
9ms Script
application/javascript 2600:9000:2315:2200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-pLW1P-3X_Ppr5.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:2200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1250cac1df26eff62cb52c6732a01bad753ba6c8299329177da2e43c714564f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:19:44 GMT
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
age: 1802
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 147
last-modified: Tue, 27 Apr 2021 19:43:45 GMT
server: AmazonS3
etag: "e3373b96c8cb8ac9cdcc2b2ffd87c7b7"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: n7N1zz14BnsEMLzPDUJmf5IP21hYRYek4izxMDqj8JqzfYz2Nk8YCg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 153ms
64ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67410988-1&cid=648584937.1644605386&jid=108841022&_u=YGBAgEABAAAAAE~&z=2026076183

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:49:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 145ms
63ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67410988-1&cid=648584937.1644605386&jid=108841022&_u=YGBAgEABAAAAAE~&z=2026076183

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:49:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/39/ 227 KB
55 KB 11ms
9ms Script
text/javascript 2600:9000:2315:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:09:18 GMT
content-encoding: br
age: 57626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 03 Feb 2022 15:12:35 GMT
server: AmazonS3
etag: W/"58b24098a17406b31f4f22592394578b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: CgvxpKTSP81uYnN0eo6UEmd15hErOphbKwHlduGfCEe6nxt50du22A==

GET
H2 200 vendor-list-trimmed-v1.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 283 KB
33 KB 28ms
9ms XHR
application/json 2600:9000:2315:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67c9df4ca932fac2379e97fcf5d0922b17b1721add1b5ecad1415bca1da3f519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 03:00:35 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 56951
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 11 Feb 2022 03:00:32 GMT
server: AmazonS3
etag: W/"9319ab533140e86457ff4571b5d4193d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: FD9KMXQNTjY79Y1-MFR7qiQfZ1nY-yJrGElbyj3BnA_ndOJGEIFy1g==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 154 KB
36 KB 36ms
18ms XHR
application/json 2600:9000:2315:3e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ddba1f102cb48d395bbf224367107ae24c018cb19c035f716572a1f8523f462

Request headers

Accept: application/json, text/plain, */*
Referer: https://glossy.espreso.co.rs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 03:00:29 GMT
content-encoding: br
age: 56957
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Fri, 11 Feb 2022 03:00:26 GMT
server: AmazonS3
etag: W/"2766074b6ad0826e8a89f01ea9c9174f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 2yRgL3bPKO0j7RD5QoVecLSmQgovTjP9e0tW7_NRTuTynWu6TzoDEA==

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 2 B
101 B 311ms
100ms XHR
text/plain 34.235.189.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22pLW1P-3X_Ppr5%22%2C%22domain%22%3A%22glossy.espreso.co.rs%22%2C%22publisher%22%3A%22espreso%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22QB8FGsk2aBcmiA3LxMazag%22%2C%22clientTimestamp%22%3A1644605385930%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-mg3awj9e8mdvf08oycym%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.189.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-189-191.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://glossy.espreso.co.rs/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Feb 2022 18:49:46 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 logo.png
www.espreso.co.rs/resources/images/header/ 7 KB
7 KB 124ms
25ms Image
image/png 51.15.154.187
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.espreso.co.rs/resources/images/header/logo.png
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.15.154.187 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.espreso.rs
Software: Haste /
Resource Hash: a1140d57421ae5baa9e14a690f2bac09054b2a9d355829623cbd719d845f3639

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr2.itplatforma.com(51.15.154.187)/http-in/be_cache_varnish/haste-fr2--0
date: Fri, 11 Feb 2022 18:33:52 GMT
age: 953
x-haste-cache: HIT
x-haste-debug-backend: espresoTHQ
x-haste-node: haste-fr2.itplatforma.com
x-backend-server: espreso-web2 time for request D=490
content-length: 7095
x-haste-perspective: desktop
last-modified: Thu, 11 Feb 2021 10:20:00 GMT
server: Haste
etag: "1bb7-5bb0cdcbc03a0"
content-type: image/png
cache-control: max-age = 315360000, public
x-haste-hits: 56
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

rexdot.js Show response
gars.hit.gemius.pl/__/_1644605385951/
Redirect Chain

https://gars.hit.gemius.pl/_1644605385951/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espr...
https://gars.hit.gemius.pl/__/_1644605385951/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.e...

169 B
474 B

100ms
100ms

Script
application/x-javascript

87.237.206.236
MNSHA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://gars.hit.gemius.pl/__/_1644605385951/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=201&lsdata=M0hw0UMfb3HN_GkChGVcvqAvb0aVBvLxBUmj8Xw0pmr.h7vWPO8wyEK.2pqm3eJV1s2t9GJKSRW9R9DhqgXBexygkGAm/BJfJCR0FdmQ2P/&fpdata=6_Ur9QCYoEGkDdNTOTaaNooJJVRsxld573gw1e9ev0n.67&vis=1&fpcap=
Requested by: Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol: H2
Server: 87.237.206.236 , Serbia, ASN51859 (MNSHA-AS, RS),
Reverse DNS
Software: GHC /
Resource Hash: c3ab6d1977949eba1de30a7cd9e94d2b1d3ca5d8163559cd6f32d5fbaddbf9b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:49:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 10 Feb 2022 18:49:46 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:49:45 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1644605385951/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=201&lsdata=M0hw0UMfb3HN_GkChGVcvqAvb0aVBvLxBUmj8Xw0pmr.h7vWPO8wyEK.2pqm3eJV1s2t9GJKSRW9R9DhqgXBexygkGAm/BJfJCR0FdmQ2P/&fpdata=6_Ur9QCYoEGkDdNTOTaaNooJJVRsxld573gw1e9ev0n.67&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 10 Feb 2022 18:49:45 GMT

GET
H2 200 pym.v1.min.js Show response
www.kurir.rs/resources/js/ Frame 664F 7 KB
3 KB 37ms
37ms Script
application/javascript 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kurir.rs/resources/js/pym.v1.min.js
Requested by: Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: ff3587135389fc0f7399474f84d6bff086059dbcb13d9b4e64b495d72ba4e4c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr1--0
date: Fri, 11 Feb 2022 18:48:38 GMT
content-encoding: gzip
age: 67
x-haste-cache: HIT
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr1.itplatforma.com
x-backend-server: kurir-web5 time for request D=1403
content-length: 2193
x-haste-perspective
last-modified: Mon, 08 Mar 2021 12:00:56 GMT
server: Haste
etag: "1bc3-5bd052fba376f-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age = 315360000, public
x-haste-hits: 190
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 976005_aerodrom-dubai_ls-s.jpg
www.kurir.rs/data/images/2016/08/23/08/ Frame 664F 53 KB
53 KB 43ms
42ms Image
image/jpeg 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kurir.rs/data/images/2016/08/23/08/976005_aerodrom-dubai_ls-s.jpg
Requested by: Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: 40d891fa0f3e22a5626ccd14a0a096bf5e06538457b1412d33503cd1c25a3800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr1--0
date: Fri, 11 Feb 2022 18:48:38 GMT
age: 67
x-haste-cache: HIT
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr1.itplatforma.com
x-backend-server: kurir-web4 time for request D=967
content-length: 53808
x-haste-perspective
last-modified: Fri, 11 Feb 2022 18:21:32 GMT
server: Haste
etag: "d230-5d7c222e6dec5"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age = 315360000, public
x-haste-hits: 1241
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2899385_djenova-droga-mrtav-srbin-brod-foto-gdf-4--2_ls-s.jpg
www.kurir.rs/data/images/2022/02/09/11/ Frame 664F 73 KB
73 KB 43ms
42ms Image
image/jpeg 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kurir.rs/data/images/2022/02/09/11/2899385_djenova-droga-mrtav-srbin-brod-foto-gdf-4--2_ls-s.jpg
Requested by: Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: 6e9efe16cd7f2e983f454f8181f054ba8d36dd2b5a27b582b8e707fdda03549f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr1--0
date: Fri, 11 Feb 2022 18:48:38 GMT
age: 67
x-haste-cache: HIT
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr1.itplatforma.com
x-backend-server: kurir-web3 time for request D=957
content-length: 74422
x-haste-perspective
last-modified: Wed, 09 Feb 2022 10:42:17 GMT
server: Haste
etag: "122b6-5d7937cc65179"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age = 315360000, public
x-haste-hits: 642
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2420161_profimedia0297070096_ls-s.jpg
www.kurir.rs/data/images/2020/12/30/11/ Frame 664F 38 KB
39 KB 83ms
81ms Image
image/jpeg 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kurir.rs/data/images/2020/12/30/11/2420161_profimedia0297070096_ls-s.jpg
Requested by: Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: e58c336ddb901273b6715d1465f36410f55eae8487bdade2a8fabb300d6b39d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr2--0
date: Fri, 11 Feb 2022 18:48:38 GMT
age: 67
x-haste-cache: HIT
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr2.itplatforma.com
x-backend-server: kurir-web2 time for request D=1399
content-length: 39168
x-haste-perspective
last-modified: Wed, 30 Dec 2020 10:44:27 GMT
server: Haste
etag: "9900-5b7ac30fe49bc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age = 315360000, public
x-haste-hits: 529
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2902215_h-57465140_ls-s.jpg
www.kurir.rs/data/images/2022/02/11/10/ Frame 664F 36 KB
36 KB 64ms
63ms Image
image/jpeg 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kurir.rs/data/images/2022/02/11/10/2902215_h-57465140_ls-s.jpg
Requested by: Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: 7f8dfc8b239e9d5349b3cf0be8e02172e74f13ab3553ebdcd87cec391c72b0f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr2--0
date: Fri, 11 Feb 2022 18:48:38 GMT
age: 67
x-haste-cache: HIT
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr2.itplatforma.com
x-backend-server: kurir-web3 time for request D=1012
content-length: 36470
x-haste-perspective
last-modified: Fri, 11 Feb 2022 09:38:11 GMT
server: Haste
etag: "8e76-5d7bad343fb88"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age = 315360000, public
x-haste-hits: 316
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2902837_marjanovic_ls-s.jpg
www.kurir.rs/data/images/2022/02/11/17/ Frame 664F 58 KB
59 KB 81ms
81ms Image
image/jpeg 51.159.89.0
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kurir.rs/data/images/2022/02/11/17/2902837_marjanovic_ls-s.jpg
Requested by: Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: www.kurir.rs
Software: Haste /
Resource Hash: 097d9c11043021da07e61067010b7d0b572e8f5a37eaeed512a261a9c858812e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-haste-cfg: 185.213.155.164->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr1--0
date: Fri, 11 Feb 2022 18:48:38 GMT
age: 67
x-haste-cache: HIT
x-haste-debug-backend: kurirTHQ
x-haste-node: haste-fr1.itplatforma.com
x-backend-server: kurir-web5 time for request D=1298
content-length: 59806
x-haste-perspective
last-modified: Fri, 11 Feb 2022 16:01:10 GMT
server: Haste
etag: "e99e-5d7c02ce5a297"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age = 315360000, public
x-haste-hits: 323
accept-ranges: bytes
x-haste-cacheable: YES
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=322513038446696&ev=Microdata&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&rl=&if=false&ts=1644605386237&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Glossy%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Glossy%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fglossy.espreso.co.rs%2F%22%2C%22og%3Asite_name%22%3A%22Glossy%22%2C%22og%3Adescription%22%3A%22%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fglossy.rs%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.2.1644605385733.2000213079&it=1644605385655&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://glossy.espreso.co.rs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:49:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 11 Feb 2022 18:49:46 GMT

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.espreso.co.rs/	1970-01-20 02:59:41	Name: _fbp Value: fb.2.1644605385733.2000213079
.espreso.co.rs/	1970-01-20 18:21:17	Name: _ga Value: GA1.3.648584937.1644605386
.espreso.co.rs/	1970-01-20 00:51:31	Name: _gid Value: GA1.3.1684012757.1644605386
.espreso.co.rs/	1970-01-20 00:50:05	Name: _gat Value: 1
.espreso.co.rs/	1970-01-20 00:50:05	Name: _gat_tstTracker Value: 1
glossy.espreso.co.rs/	1970-01-20 10:18:53	Name: _cb_ls Value: 1
glossy.espreso.co.rs/	1970-01-20 10:18:53	Name: _cb Value: CZDlVhCW6Xg7BVqkE9
glossy.espreso.co.rs/	1970-01-20 10:18:53	Name: _chartbeat2 Value: .1644605385811.1644605385811.1.CTRAeoDRa_evCn2UKZCXhxGEBQGX0H.1
glossy.espreso.co.rs/	1970-01-20 00:50:07	Name: _cb_svref Value: null
.espreso.co.rs/	1969-12-31 23:59:59	Name: espreso_front_session Value: 3h2it4sr7rmkj68vfgkseo31o5
glossy.espreso.co.rs/	1969-12-31 23:59:59	Name: X-Proxy-To Value: glossy-web1
.espreso.co.rs/	1970-01-20 10:18:53	Name: __gfp_64b Value: 6_Ur9QCYoEGkDdNTOTaaNooJJVRsxld573gw1e9ev0n.67\|1644605385
.hit.gemius.pl/	1970-01-20 01:00:10	Name: Gtest Value: KlSrOMGGQMQGHRNy-RVZyoGissGMXP8c25nSGhKQzHLIXBG.
.hit.gemius.pl/	1970-01-20 10:18:53	Name: Gdyn Value: KlShaMMGQMQGHRNy-RVZyoGissGMe19oL6nxmGtALCsbypaiGsRPtP7iGKGGqn6RgGllle82GGUrxFs_RFyGsG..

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.quantcast.mgr.consensu.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gars.hit.gemius.pl
glossy.espreso.co.rs
glossy.espreso.rs
ls.hit.gemius.pl
ping.chartbeat.net
pym.nprapps.org
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
test.quantcast.mgr.consensu.org
www.adriamediacontent.com
www.espreso.co.rs
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.kurir.rs
142.250.185.162
146.59.30.100
185.80.68.11
185.80.68.6
2600:9000:20eb:d000:18:1fcd:34f:cdc1
2600:9000:2156:c400:3:a4cd:8380:93a1
2600:9000:2315:2200:6:44e3:f8c0:93a1
2600:9000:2315:3e00:9:46dc:4700:93a1
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2004
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.235.189.191
51.15.154.187
51.159.89.0
54.226.221.131
87.237.206.236
99.84.88.80
047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29
07a60e842ddb4218facf1a1932a8342ca6c3bea33fb3b504ec7a9e88d46a6a74
08ac255037275d07aab7f5e059a6fb573e59aa5a805e9c61f5a7a2823d1b6402
097d9c11043021da07e61067010b7d0b572e8f5a37eaeed512a261a9c858812e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1250cac1df26eff62cb52c6732a01bad753ba6c8299329177da2e43c714564f8
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1998b7ba96c5a0c7425c195f106112379e7f1f2c254c1a19808efb52f7b17487
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
22882a69a2cd613b25bc774dded2d9d71c97bf0677d764e8bd270402a6802688
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
39e110d013cee5277b6be02ea51c5b08319dd79697aa19bd2a191f47d7ca26fb
3ec5374a644b10bdc31592eafb811f727a57f403125991b5fed36c60ef627ce7
40d891fa0f3e22a5626ccd14a0a096bf5e06538457b1412d33503cd1c25a3800
48d26cc2842252e4ba6662fdc7baa493c1558e059e2c86b73601ed4505e0f87b
4a9337bf6da81f33115899dc2e7ae5c50c313a357c46643b52c5bed7db9a88b1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a7349d9db4dd091d5be132e03e374cede3329ab0cd918f0e146ddd0ac95d531
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
67c9df4ca932fac2379e97fcf5d0922b17b1721add1b5ecad1415bca1da3f519
6b2d11670cff76fc4afe72ffe4f784af63c5ee6ae3ba2a16c276a2ca9ff80be9
6b601f48ca9d3bec6b3ce12eef3fab7e619630c1ac7558cb2d4024645fb39962
6ddba1f102cb48d395bbf224367107ae24c018cb19c035f716572a1f8523f462
6e9efe16cd7f2e983f454f8181f054ba8d36dd2b5a27b582b8e707fdda03549f
7ebf3024d7091007d0635f6f729158fd7168e2af56748254e80a0389f98a4abf
7f8dfc8b239e9d5349b3cf0be8e02172e74f13ab3553ebdcd87cec391c72b0f0
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bd5d4c222c02f04991874ce321a05428be09b19114a102516db09a28d52b89f
8c5a62c74692dd5d707767c763842fa3a199c5d50b526f2a138747af21ba6202
8ce6fbc35322bbe9ad338e7ede8bcd287f4ff0af6f24fd5abda05ea196776f17
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1140d57421ae5baa9e14a690f2bac09054b2a9d355829623cbd719d845f3639
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a7e84e30693db8152b92c109dfd015a8b7bd68072133addb575d90f8d2f09c
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e
a9130bc6cc24f6533c8b31b7d6814967bb76fc236eee4bf10b6c1cd221fc6f9e
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
c31782bff6916a9e48ab67c43f0b9f4794c2dbf8338992aca7f28d6a9cde041e
c3ab6d1977949eba1de30a7cd9e94d2b1d3ca5d8163559cd6f32d5fbaddbf9b6
c7e20af98f367fe28dd5bb1ec82941c7774a1c2e5320a657932bd55a35dbf0a6
c97bb3ca107ce9dff21b27d98703b6b7e6cd813d252ce8b1afb1bca174ce49fb
cf2f7b53c06288ca8c245e434d204eb881d2271d16d6a37193d811026b1f93ff
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1c401c18d01ea3cea40a72448c8edd9177cfca769892ec53a07d57a850d1f40
d25690d08c08f3b223bc3fc14435b9afe19439cf2c04ff8050b12da2997ced23
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d3eee9e4ebf3283e4e03867700f591840bb9f2d23ba4b957589b0f88381d28c9
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1f210cac687ba041cabc5cfc0d7a31f1c2a6b15c63f5c3249a86b68c0cc9193
e2b6f37a535934d13d20f567f2f5f8c40948458646d73643cebd6898d1360cea
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e58c336ddb901273b6715d1465f36410f55eae8487bdade2a8fabb300d6b39d1
e60627b9984215494a08fe79e5ea12ad6e7850bee20335015b2971ca1bc7215b
e7c40e7cbfae5a7e273d42a9fa5dc6496e97757a3d497db3869efa7e5bfc8951
ea2cfd052397a2a777ace87690d76dc8caa81d75a37d35639401e7e995bff377
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ab62226a3c4a980d0ad698e4b6d1c23a3f036b9c57466cdf4d5415d9d511fa
f678b874995dad863e64e75ecf95bd11acdc0b498dc398a04d1f2f1149568f93
fe51695a4ec686cc0bff2f425ec3f773c5be272d63d079eca59f40e8ce23e02f
ff3587135389fc0f7399474f84d6bff086059dbcb13d9b4e64b495d72ba4e4c7

glossy.espreso.co.rs Open in urlscan Pro 185.80.68.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

99 %HTTPS

57 %IPv6

19 Domains

24 Subdomains

23 IPs

5 Countries

1658 kBTransfer

3402 kBSize

14 Cookies

16 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

glossy.espreso.co.rs Open in urlscan Pro
185.80.68.6 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

99 %
HTTPS

57 %
IPv6

19
Domains

24
Subdomains

23
IPs

5
Countries

1658 kB
Transfer

3402 kB
Size

14
Cookies

67 HTTP transactions
0 data transactions