urlscan.io logo urlscan.io
SecurityTrails logo

glossy.espreso.co.rs Open in urlscan Pro
185.80.68.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://glossy.espreso.rs/
Effective URL: https://glossy.espreso.co.rs/
Submission Tags: falconsandbox
Submission: On September 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 6 countries across 21 domains to perform 70 HTTP transactions. The main IP is 185.80.68.6, located in Serbia and belongs to PROVIDUS-AS, RS. The main domain is glossy.espreso.co.rs. The Cisco Umbrella rank of the primary domain is 195506.
TLS certificate: Issued by R3 on September 7th 2022. Valid for: 3 months.
This is the only time glossy.espreso.co.rs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 185.80.68.6 43191 (PROVIDUS-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
1 4 141.95.172.70 16276 (OVH)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 185.80.68.11 43191 (PROVIDUS-AS)
2 2a03:2880:f00... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
1 18.66.15.8 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.108 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 3.229.73.40 14618 (AMAZON-AES)
1 2600:9000:20e... 16509 (AMAZON-02)
3 2600:9000:21f... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
7 51.159.89.0 12876 (Online SAS)
1 18.196.221.202 16509 (AMAZON-02)
1 51.15.154.187 12876 (Online SAS)
70 26
18    185.80.68.6 (Serbia)

ASN43191 (PROVIDUS-AS, RS)
glossy.espreso.rs
glossy.espreso.co.rs
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2600:9000:21f3:6400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
4    141.95.172.70 (France)

ASN16276 (OVH, FR)
PTR: ns3214309.ip-141-95-172.eu
gars.hit.gemius.pl
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    185.80.68.11 (Serbia)

ASN43191 (PROVIDUS-AS, RS)
www.adriamediacontent.com
2    2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.66.15.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-8.vie50.r.cloudfront.net
pym.nprapps.org
1    2600:9000:20eb:b600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu
ls.hit.gemius.pl
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:9000:21f3:ca00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    3.229.73.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-73-40.compute-1.amazonaws.com
ping.chartbeat.net
1    2600:9000:20eb:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2600:9000:21f3:3600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    51.159.89.0 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: www.kurir.rs
www.kurir.rs
1    18.196.221.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-221-202.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
1    51.15.154.187 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: www.espreso.rs
www.espreso.co.rs
Apex Domain
Subdomains		 Transfer
17 espreso.co.rs
glossy.espreso.co.rs — Cisco Umbrella Rank: 195506
www.espreso.co.rs — Cisco Umbrella Rank: 109743
556 KB
8 gstatic.com
fonts.gstatic.com
246 KB
7 kurir.rs
www.kurir.rs — Cisco Umbrella Rank: 61080
171 KB
5 quantcast.com
test.cmp.quantcast.com — Cisco Umbrella Rank: 11258
cmp.quantcast.com — Cisco Umbrella Rank: 3100
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12486
142 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2989
21 KB
5 gemius.pl
gars.hit.gemius.pl — Cisco Umbrella Rank: 46108
ls.hit.gemius.pl — Cisco Umbrella Rank: 13358
20 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
157 KB
3 adriamediacontent.com
www.adriamediacontent.com — Cisco Umbrella Rank: 70223
17 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
172 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
501 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
111 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2302
45 KB
2 espreso.rs
glossy.espreso.rs
139 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
681 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1220
201 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6352
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
10 KB
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1317
15 KB
1 nprapps.org
pym.nprapps.org — Cisco Umbrella Rank: 42862
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
1 KB
70 21
Domain Requested by
16 glossy.espreso.co.rs glossy.espreso.co.rs
8 fonts.gstatic.com fonts.googleapis.com
7 www.kurir.rs pym.nprapps.org
www.kurir.rs
4 gars.hit.gemius.pl 1 redirects glossy.espreso.co.rs
gars.hit.gemius.pl
3 cmp.quantcast.com quantcast.mgr.consensu.org
3 www.adriamediacontent.com glossy.espreso.co.rs
www.adriamediacontent.com
3 www.googletagmanager.com glossy.espreso.co.rs
www.googletagmanager.com
3 www.google-analytics.com glossy.espreso.co.rs
www.google-analytics.com
3 securepubads.g.doubleclick.net glossy.espreso.co.rs
securepubads.g.doubleclick.net
2 www.facebook.com glossy.espreso.co.rs
2 region1.google-analytics.com www.googletagmanager.com
2 connect.facebook.net glossy.espreso.co.rs
connect.facebook.net
2 quantcast.mgr.consensu.org glossy.espreso.co.rs
quantcast.mgr.consensu.org
2 glossy.espreso.rs 2 redirects
1 www.espreso.co.rs glossy.espreso.co.rs
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 rules.quantcount.com secure.quantserve.com
1 ping.chartbeat.net glossy.espreso.co.rs
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 www.google.de glossy.espreso.co.rs
1 www.google.com glossy.espreso.co.rs
1 ls.hit.gemius.pl gars.hit.gemius.pl
1 stats.g.doubleclick.net www.google-analytics.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 static.chartbeat.com glossy.espreso.co.rs
1 pym.nprapps.org glossy.espreso.co.rs
1 fonts.googleapis.com glossy.espreso.co.rs
70 27
Subject Issuer Validity Valid
espreso.rs
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2022-09-13 -
2023-09-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
www.adriamediacontent.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-25 -
2022-09-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
pym.nprapps.org
Amazon		 2022-04-06 -
2023-05-04		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.kurir.rs
Sectigo RSA Domain Validation Secure Server CA		 2021-10-05 -
2022-10-05		 a year crt.sh

This page contains 3 frames:

Primary Page: https://glossy.espreso.co.rs/
Frame ID: FA4B3A8AA9622E25E1E287CA2A33DD29
Requests: 62 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 1AF2BB6230476328493B960224F9B958
Requests: 1 HTTP requests in this frame

Frame: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Frame ID: 0351D4CA75EF802C455078B8AA4A8326
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Glossyicon-arrowicon-closeicon-commentsicon-galleryicon-nexticon-previcon-searchicon-totopglossy_logosoc-commentsoc-fbsoc-gplussoc-inssoc-mailsoc-rsssoc-twittersoc-vibersoc-wupsoc-yt

Page URL History Show full URLs

  1. http://glossy.espreso.rs/ HTTP 301
    https://glossy.espreso.rs/ HTTP 301
    https://glossy.espreso.co.rs/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

70
Requests

99 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

26
IPs

6
Countries

1690 kB
Transfer

3818 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://glossy.espreso.rs/ HTTP 301
    https://glossy.espreso.rs/ HTTP 301
    https://glossy.espreso.co.rs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://gars.hit.gemius.pl/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.iQXWcUXBc0fz.Hi8sdGZAMKvOJe3s3MKg67zo0o0Iz.B7lS9x9EhUuUCgHyyxfadpYfmpPxIXfU4ABIWwL.dcGIWve0/JvkqdbENSPMRF/&ltime=318&fpdata=oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
  • https://gars.hit.gemius.pl/__/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.iQXWcUXBc0fz.Hi8sdGZAMKvOJe3s3MKg67zo0o0Iz.B7lS9x9EhUuUCgHyyxfadpYfmpPxIXfU4ABIWwL.dcGIWve0/JvkqdbENSPMRF/&ltime=318&fpdata=oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
glossy.espreso.co.rs/
Redirect Chain
  • http://glossy.espreso.rs/
  • https://glossy.espreso.rs/
  • https://glossy.espreso.co.rs/
117 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
7f5ca9f79acd440b5ebc89bd5496128cc2d42ad694a6d62ccab96af27433676b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
223
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
26154
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 01:11:51 GMT
expires
0
server
Haste
vary
Accept-Encoding
x-backend-server
glossy-web1 time for request D=9492
x-haste-cache
HIT
x-haste-cacheable
YES
x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq2--0
x-haste-debug-backend
glossyTHQ
x-haste-hits
2
x-haste-node
haste-thq2.itplatforma.com
x-haste-perspective
desktop

Redirect headers

content-length
0
location
https://glossy.espreso.co.rs/
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e58f6fbc32fcd5ad78163e569eb7a1cf538d3d254ee5eaed8891fd414dd11192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Sep 2022 23:51:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Sep 2022 01:15:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Sep 2022 01:15:35 GMT
main-v-1652096995386.js
glossy.espreso.co.rs/resources/js/ 		214 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://glossy.espreso.co.rs/resources/js/main-v-1652096995386.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
ea9b20bf113c01e5234c3a622db0edf2ec574e9cf734604946aae01936b15913

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date
Fri, 16 Sep 2022 01:01:04 GMT
content-encoding
gzip
age
871
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq1.itplatforma.com
x-backend-server
glossy-web2 time for request D=11351
content-length
65301
x-haste-perspective
desktop
last-modified
Mon, 09 May 2022 11:55:48 GMT
server
Haste
etag
"359cd-5de92e390a8e1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 315360000, public
x-haste-hits
10
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-v-1652096995386.css
glossy.espreso.co.rs/resources/css/ 		86 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://glossy.espreso.co.rs/resources/css/main-v-1652096995386.css
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
c2aef430ad430749217bade369222529382149db64f9e70f5450638892f61359

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date
Fri, 16 Sep 2022 01:01:04 GMT
content-encoding
gzip
age
871
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq1.itplatforma.com
x-backend-server
glossy-web1 time for request D=4401
content-length
15834
x-haste-perspective
desktop
last-modified
Mon, 07 Mar 2022 15:11:42 GMT
server
Haste
etag
"15712-5d9a248319f5d-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age = 315360000, public
x-haste-hits
10
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de16d366d41371123be44b390d4d9dcf2d45685d80c6f1bea51a6d63a536a743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27890
x-xss-protection
0
server
sffe
etag
"1335 / 206 of 1000 / last-modified: 1663279822"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Sep 2022 01:15:35 GMT
logo.svg
glossy.espreso.co.rs/resources/images/svg/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/resources/images/svg/logo.svg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date
Fri, 16 Sep 2022 01:14:41 GMT
content-encoding
gzip
age
54
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq1.itplatforma.com
x-backend-server
glossy-web1 time for request D=1270
content-length
2249
x-haste-perspective
desktop
last-modified
Wed, 13 Jan 2021 11:32:19 GMT
server
Haste
etag
"14b4-5b8c67dee79e7-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-hits
6
accept-ranges
bytes
x-haste-cacheable
YES
expires
0
338901_kardibmetgala202204_po-s.jpg
glossy.espreso.co.rs/data/images/2022/05/04/13/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2022/05/04/13/338901_kardibmetgala202204_po-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
e1943215b583d734488e4b3c5071b0e496385441cf2c58c302756251de7540c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date
Fri, 16 Sep 2022 01:11:52 GMT
age
223
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq3.itplatforma.com
x-backend-server
glossy-web2 time for request D=1080
content-length
73451
x-haste-perspective
desktop
last-modified
Wed, 04 May 2022 11:11:18 GMT
server
Haste
etag
"11eeb-5de2daf388cba"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
1
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
338919_blejklajvliprofimedia0688359379_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/05/04/15/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2022/05/04/15/338919_blejklajvliprofimedia0688359379_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
5910ae5e092aa5a466567675e4b5c665432b691cfc8c9bec2b38487c1e13762d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date
Fri, 16 Sep 2022 01:08:17 GMT
age
438
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq3.itplatforma.com
x-backend-server
glossy-web1 time for request D=1300
content-length
44229
x-haste-perspective
desktop
last-modified
Wed, 04 May 2022 13:31:17 GMT
server
Haste
etag
"acc5-5de2fa3d587d2"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
2
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
309671_huawei-03112020-0060_sq-s.jpg
glossy.espreso.co.rs/data/images/2020/11/04/10/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2020/11/04/10/309671_huawei-03112020-0060_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
c7c2ca46c67efb0492283d49524836c80acc2c3b367e2b2c9018a2cc3fe5b638

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq2--0
date
Fri, 16 Sep 2022 01:03:03 GMT
age
752
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq2.itplatforma.com
x-backend-server
glossy-web2 time for request D=1511
content-length
39714
x-haste-perspective
desktop
last-modified
Wed, 04 Nov 2020 09:43:52 GMT
server
Haste
etag
"9b22-5b344d1391dfa"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
4
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazy.png
glossy.espreso.co.rs/resources/images/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/resources/images/lazy.png
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
8c5a62c74692dd5d707767c763842fa3a199c5d50b526f2a138747af21ba6202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date
Fri, 16 Sep 2022 01:01:04 GMT
age
870
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq4.itplatforma.com
x-backend-server
glossy-web1 time for request D=570
content-length
936
x-haste-perspective
desktop
last-modified
Wed, 13 Jan 2021 11:32:19 GMT
server
Haste
etag
"3a8-5b8c67dee6a47"
content-type
image/png
cache-control
max-age = 315360000, public
x-haste-hits
10
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
choice.js
quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/choice.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ebf3024d7091007d0635f6f729158fd7168e2af56748254e80a0389f98a4abf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
br
last-modified
Tue, 17 Aug 2021 12:38:05 GMT
server
AmazonS3
age
14
etag
W/"96b796283945e2ce21c582308713cabf"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zk70oJjC80gl4M5OQn9kkAFiy08w1o3eaYIUtsHmqr1gylcIRD7V0g==
xgemius.js
gars.hit.gemius.pl/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gars.hit.gemius.pl/xgemius.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.95.172.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3214309.ip-141-95-172.eu
Software
GHC /
Resource Hash
2cd568d4ba898ae20d0f741f2466b121cb86c03d711d3e9f3892100a8bbea56a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 10:13:48 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
15915
expires
Fri, 16 Sep 2022 13:15:35 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7177
date
Thu, 15 Sep 2022 23:15:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 16 Sep 2022 01:15:58 GMT
gtm.js
www.googletagmanager.com/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MBSDVKD
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b6e1f76d5ac7e6a50586fc2524e0d0256c4e4986ed9ce37e68e47bd9476d5e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37384
x-xss-protection
0
last-modified
Fri, 16 Sep 2022 00:06:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Sep 2022 01:15:35 GMT
pubjelly.js
www.adriamediacontent.com/js/pubjelly/main/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adriamediacontent.com/js/pubjelly/main/pubjelly.js?pjcbpage=0
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.11 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
774cccb3a1a7bcbb8cc8733c59949a40514a4de8a777152780c1475683e5fe5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq3.itplatforma.com(185.80.68.11)/http-in/be_cache_varnish/ha-thq3--0
date
Fri, 16 Sep 2022 01:10:53 GMT
content-encoding
gzip
age
282
x-haste-cache
HIT
x-haste-debug-backend
amcTHQ
x-haste-node
haste-thq3.itplatforma.com
x-backend-server
adria-amc1 time for request D=2977
content-length
14751
last-modified
Thu, 08 Sep 2022 11:30:24 GMT
server
Haste
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 259200, public
x-haste-hits
2494
accept-ranges
bytes
x-haste-cacheable
YES
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26872
x-xss-protection
0
pragma
public
x-fb-debug
W0OVEXUfCEMBhf+kcvu8X9sRkkWA6o39C81cGVK3icFSExj6F3K7QR70Etq5P0Z3KlgYqzoHiLN6MHkfRSXYjw==
x-fb-trip-id
720026100
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 01:15:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:26:32 GMT
x-content-type-options
nosniff
age
107343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:26:32 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:26:54 GMT
x-content-type-options
nosniff
age
107321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:26:54 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:28:08 GMT
x-content-type-options
nosniff
age
107247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29492
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:29:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:28:08 GMT
jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OCtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:35:01 GMT
x-content-type-options
nosniff
age
106834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29232
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:35:01 GMT
EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
fonts.gstatic.com/s/ptserif/v17/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bd5d4c222c02f04991874ce321a05428be09b19114a102516db09a28d52b89f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 20:20:51 GMT
x-content-type-options
nosniff
age
104084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19108
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:29:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 20:20:51 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:28:09 GMT
x-content-type-options
nosniff
age
107246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32900
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:28:09 GMT
EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2
fonts.gstatic.com/s/ptserif/v17/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9337bf6da81f33115899dc2e7ae5c50c313a357c46643b52c5bed7db9a88b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 23:41:03 GMT
x-content-type-options
nosniff
age
92072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21232
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:44:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 23:41:03 GMT
pym.v1.min.js
pym.nprapps.org/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pym.nprapps.org/pym.v1.min.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-8.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 22:35:00 GMT
content-encoding
gzip
last-modified
Tue, 13 Feb 2018 16:23:08 GMT
server
AmazonS3
age
9636
etag
"dfb7091815cbff12a30bfad66911926f"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
VIE50-P1
content-length
2818
x-amz-cf-id
hQ9KlX_RmTI9ucvoFC1bB36l1NrGK-GsN5Uq9w5jyJEy3GQwKG3TzA==
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 00:34:53 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
2442
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
sMN1qGwFdeQUBHkp5C8ABsg7hRI0avQhV5jHgvgmEe3i3rpt6yd-hQ==
expires
Fri, 16 Sep 2022 02:34:53 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 23 Sep 2022 01:15:35 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/pLW1P-3X_Ppr5/www.espreso.co.rs/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
br
age
43
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 18:13:49 GMT
server
AmazonS3
etag
W/"6d50b90bdafc3d438c55bd915fd5301d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
fTZ_iqkt-K68gSJPHhD8UM08vDVXHfXUFuMDdIHRE_DBKHNrwpHulg==
network_sprite.svg
glossy.espreso.co.rs/resources/images/footer/ 		61 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/resources/images/footer/network_sprite.svg?v3.6
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/resources/css/main-v-1652096995386.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
39e110d013cee5277b6be02ea51c5b08319dd79697aa19bd2a191f47d7ca26fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/resources/css/main-v-1652096995386.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date
Fri, 16 Sep 2022 01:14:41 GMT
content-encoding
gzip
age
53
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq1.itplatforma.com
x-backend-server
glossy-web1 time for request D=7677
content-length
26575
x-haste-perspective
desktop
last-modified
Wed, 13 Jan 2021 11:32:19 GMT
server
Haste
etag
"f2d0-5b8c67dee6a47-gzip"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-haste-hits
5
accept-ranges
bytes
x-haste-cacheable
YES
expires
0
jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0yExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:400,700|PT+Sans:400,700&subset=latin,latin-ext,cyrillic-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://glossy.espreso.co.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:34:48 GMT
x-content-type-options
nosniff
age
106847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26460
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Sep 2023 19:34:48 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-67410988-1&cid=2005834889.1663290936&jid=1544227554&gjid=1453401410&_gid=37668775.1663290936&_u=YGBAgEABAAAAAE~&z=2054844385
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://glossy.espreso.co.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Sep 2022 01:15:35 GMT
content-type
text/plain
access-control-allow-origin
https://glossy.espreso.co.rs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=724422589&t=pageview&_s=1&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&ul=en-us&de=UTF-8&dt=Glossy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEABAAAAAG~&jid=713920042&gjid=1704273685&cid=2005834889.1663290936&tid=UA-86981738-2&_gid=37668775.1663290936&_r=1&_slc=1&z=857611085
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://glossy.espreso.co.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glossy.espreso.co.rs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=724422589&t=pageview&_s=1&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&ul=en-us&de=UTF-8&dt=Glossy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1544227554&gjid=1453401410&cid=2005834889.1663290936&tid=UA-67410988-1&_gid=37668775.1663290936&cd1=Naslovna&z=673615456
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Sep 2022 08:07:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61699
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
330591_31888420-1875058619181539-4362733534809423872-n_sq-s.jpg
glossy.espreso.co.rs/data/images/2021/11/05/19/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2021/11/05/19/330591_31888420-1875058619181539-4362733534809423872-n_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
7555c01f42a29c745c6c551a000359333ed30bfb1a55db3ba988c25d2c0a620b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq1--0
date
Fri, 16 Sep 2022 01:12:10 GMT
age
205
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq1.itplatforma.com
x-backend-server
glossy-web2 time for request D=936
content-length
42901
x-haste-perspective
desktop
last-modified
Fri, 05 Nov 2021 18:14:23 GMT
server
Haste
etag
"a795-5d00e9cddd3b1"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
1
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
345232_3169757-screenshot9-ls_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/09/13/20/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2022/09/13/20/345232_3169757-screenshot9-ls_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
765c6a713ced0be1df95a2d9f298aa537715d6f2785056ada3a3edfa1fab58cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date
Fri, 16 Sep 2022 01:12:10 GMT
age
205
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq3.itplatforma.com
x-backend-server
glossy-web1 time for request D=1049
content-length
31627
x-haste-perspective
desktop
last-modified
Tue, 13 Sep 2022 18:15:50 GMT
server
Haste
etag
"7b8b-5e893008b13d8"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
1
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
334366_potaz-shutterstock-1901610007_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/01/20/17/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2022/01/20/17/334366_potaz-shutterstock-1901610007_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
f45581dea4766aea93a359e45adda424af1d2ff21bcde51362c339c8ae4b35ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date
Fri, 16 Sep 2022 01:12:10 GMT
age
205
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq3.itplatforma.com
x-backend-server
glossy-web2 time for request D=1074
content-length
38809
x-haste-perspective
desktop
last-modified
Thu, 20 Jan 2022 16:30:40 GMT
server
Haste
etag
"9799-5d60605e01dc1"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
1
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
338901_kardibmetgala202204_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/05/04/13/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2022/05/04/13/338901_kardibmetgala202204_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
ae3927aec248f434f15d5ba967fc2ce04d7b2364b3e9f713adfb572f0b33de7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq2--0
date
Fri, 16 Sep 2022 01:01:26 GMT
age
849
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq2.itplatforma.com
x-backend-server
glossy-web1 time for request D=1175
content-length
60644
x-haste-perspective
desktop
last-modified
Wed, 04 May 2022 11:11:18 GMT
server
Haste
etag
"ece4-5de2daf37ec7d"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
7
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
345334_olovkapocetna-1_sq-s.jpg
glossy.espreso.co.rs/data/images/2022/09/15/20/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/2022/09/15/20/345334_olovkapocetna-1_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
9c554e72a436416abbe394756db7f18accf072518a08e6c101458782cf5a5762

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq4--0
date
Fri, 16 Sep 2022 01:06:04 GMT
age
571
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq4.itplatforma.com
x-backend-server
glossy-web2 time for request D=1037
content-length
32297
x-haste-perspective
desktop
last-modified
Thu, 15 Sep 2022 18:15:42 GMT
server
Haste
etag
"7e29-5e8bb3bb85227"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
4
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
52592287725-profimedia0706669399-share_sq-s.jpg
glossy.espreso.co.rs/data/images/external/2022/09/15/20/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://glossy.espreso.co.rs/data/images/external/2022/09/15/20/52592287725-profimedia0706669399-share_sq-s.jpg
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
0dbd7850bc1b3a91738aea104819a7909e940972a1c04c30e0d37ff1d39fefd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_cache_varnish/ha-thq3--0
date
Fri, 16 Sep 2022 01:06:21 GMT
age
553
x-haste-cache
HIT
x-haste-debug-backend
glossyTHQ
x-haste-node
haste-thq3.itplatforma.com
x-backend-server
glossy-web2 time for request D=949
content-length
52467
x-haste-perspective
desktop
last-modified
Thu, 15 Sep 2022 18:17:45 GMT
server
Haste
etag
"ccf3-5e8bb431879bb"
content-type
image/jpeg
cache-control
max-age = 315360000, public
x-haste-hits
3
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
check_if_user_is_logged_in
glossy.espreso.co.rs/profil/ 		115 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://glossy.espreso.co.rs/profil/check_if_user_is_logged_in
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/resources/js/main-v-1652096995386.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.6 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Apache /
Resource Hash
22882a69a2cd613b25bc774dded2d9d71c97bf0677d764e8bd270402a6802688

Request headers

Accept
*/*
Referer
https://glossy.espreso.co.rs/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq4.itplatforma.com(185.80.68.6)/http-in/be_glossy/glossy-web1--0
date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
x-backend-server
glossy-web1 time for request D=4290
content-length
92
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1KF5K7BKBZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBSDVKD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba289fbc443bb0a3befc92c5f5d1792a8b57bb4914777301ed440b9406e22348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69252
x-xss-protection
0
expires
Fri, 16 Sep 2022 01:15:35 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M15919DSXJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MBSDVKD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bb451d0ad8a289e141123d818a20a362fa02fe031f62d09e99542d185a60a254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69183
x-xss-protection
0
expires
Fri, 16 Sep 2022 01:15:35 GMT
fpdata.js
gars.hit.gemius.pl/ 		282 B
396 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gars.hit.gemius.pl/fpdata.js?href=glossy.espreso.co.rs
Requested by
Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.95.172.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3214309.ip-141-95-172.eu
Software
GHC /
Resource Hash
3a4814c97b17e6a068e7a7a6f2946ff6afb12e07fe0940ec453a8de5bf81720c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
282
expires
Sun, 16 Oct 2022 01:15:35 GMT
lsget.html
ls.hit.gemius.pl/ Frame 1AF2 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gars.hit.gemius.pl
URL: https://gars.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
733d26f489d3755dc78c812d20a3184aa9c7989788403633dfdce968138070db

Request headers

Referer
https://glossy.espreso.co.rs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2722
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Fri, 16 Sep 2022 01:15:35 GMT
etag
PRIVATE7520710249
expires
Sun, 16 Oct 2022 01:15:35 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67410988-1&cid=2005834889.1663290936&jid=1544227554&_u=YGBAgEABAAAAAE~&z=1171971025
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-67410988-1&cid=2005834889.1663290936&jid=1544227554&_u=YGBAgEABAAAAAE~&z=1171971025
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
322513038446696
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/322513038446696?v=2.9.81&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
879786857ec79ae37d4eb158bea957154445288c96fd1c9525d6509772f50cad
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85974
x-xss-protection
0
pragma
public
x-fb-debug
jCwBpGwxGiC6D80wmM2Xh9Fgf/ydt1NtLh1/DBTJfbIhQeELvutHyXhDxXG/GQzVbIUpQy1CyfutfaSQUQEqmA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 16 Sep 2022 01:15:35 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
manifest.js
www.adriamediacontent.com/js/pubjelly/main/noc/ 		593 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adriamediacontent.com/js/pubjelly/main/noc/manifest.js?pjcbmanual=462025
Requested by
Host: www.adriamediacontent.com
URL: https://www.adriamediacontent.com/js/pubjelly/main/pubjelly.js?pjcbpage=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.11 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
52ad44cbdaf2f972f4b191524ac999658e08f708b39d26da8f958a4b5aef69f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq3.itplatforma.com(185.80.68.11)/http-in/be_cache_varnish/ha-thq4--0
date
Fri, 16 Sep 2022 01:13:21 GMT
content-encoding
gzip
age
134
x-haste-cache
HIT
x-haste-debug-backend
amcTHQ
x-haste-node
haste-thq4.itplatforma.com
x-backend-server
adria-amc1 time for request D=1635
content-length
312
last-modified
Thu, 08 Sep 2022 11:30:24 GMT
server
Haste
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 3600, public
x-haste-hits
1475
accept-ranges
bytes
x-haste-cacheable
YES
glossyespresocors.js
www.adriamediacontent.com/js/pubjelly/main/cfg/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adriamediacontent.com/js/pubjelly/main/cfg/glossyespresocors.js?pjcbauto=19251
Requested by
Host: www.adriamediacontent.com
URL: https://www.adriamediacontent.com/js/pubjelly/main/pubjelly.js?pjcbpage=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.80.68.11 , Serbia, ASN43191 (PROVIDUS-AS, RS),
Reverse DNS
Software
Haste /
Resource Hash
4935de7697aa50b80210d5a6ad727536b081eb371c3f7f5fcabf86b606d1c2a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-thq3.itplatforma.com(185.80.68.11)/http-in/be_cache_varnish/ha-thq4--0
date
Fri, 16 Sep 2022 01:13:16 GMT
content-encoding
gzip
age
138
x-haste-cache
HIT
x-haste-debug-backend
amcTHQ
x-haste-node
haste-thq4.itplatforma.com
x-backend-server
adria-amc1 time for request D=4508
content-length
685
last-modified
Mon, 15 Aug 2022 15:43:29 GMT
server
Haste
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age = 604800, public
x-haste-hits
5
accept-ranges
bytes
x-haste-cacheable
YES
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ca00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb

Request headers

Accept
application/json, text/plain, */*
Referer
https://glossy.espreso.co.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:00:57 GMT
content-encoding
gzip
age
80078
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 01 Sep 2022 19:55:38 GMT
server
AmazonS3
etag
W/"6956b949229e4f70c6801a6ba073ae1e"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
7JVvY2BjkVZ63YlCse_n1XAdPqJrPXIl
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
content-type
application/json
x-amz-cf-id
CeC6fdlg6N_V8FhwL4-W1_zTCsBbtSY9oUmYzGjFlDMIvcQmvxOs1g==
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 10:30:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
225882
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Sep 2023 10:30:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		78 B
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=glossy.espreso.co.rs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1743622310a6527c8b495a48b8e30112b93d88c2b3061868f1b711b1cc05329a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Sep 2022 01:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78
x-xss-protection
0
expires
Fri, 16 Sep 2022 01:15:35 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=glossy.espreso.co.rs&p=%2F&u=DRNFXYCBUXJkCSCYYR&d=glossy.espreso.co.rs&g=54177&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10058&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=822&t=BHVuVDD8FkVBm7bbNCRe-kikUL8&V=136&i=Glossy&tz=0&sn=1&sv=jeMZhD1PWNcCSWQoUBzJfiRC-bNpd&sd=1&im=067b2fff&_
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.73.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-73-40.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:36 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
rules-p-pLW1P-3X_Ppr5.js
rules.quantcount.com/ 		209 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-pLW1P-3X_Ppr5.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5748bca185df924fff062d93fb5b13bad5bb43de8a26f4a966c2094795c38af5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 00:36:33 GMT
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
age
2347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 13:03:28 GMT
server
AmazonS3
etag
"f65355691912c7346a040f80c0eeaf02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
XEjF5KwobaSh0Uhk8veCAFqPQzmlFjuoXPetIdjQWhd24ZkL4eN5Ew==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/44/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 18:15:05 GMT
content-encoding
br
age
111631
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 18:13:35 GMT
server
AmazonS3
etag
W/"c26dab36f353a381230d68d0a5c0fa59"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
kYkHVxugGWHYfxlkbPhSe6o3WC0JcJP4B6bATm1JWOVDG_Ru7SUe-A==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		347 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d967e05002c52b775e3f42bd7a708b63079283f3a54576644042a7481c7eeb12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:00:47 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
80088
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 03:00:35 GMT
server
AmazonS3
etag
W/"ea922879326435a45729af695e68dc68"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
eAOtY59JvHZW7h7EOFrZHAHlhFUUNUmFrq6ltHLKyYofFk9QB71uiQ==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		152 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.espreso.co.rs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07972f12994eb405d291a4584d3cec9262e657f789053b67de1b1d71d6f09c62

Request headers

Accept
application/json, text/plain, */*
Referer
https://glossy.espreso.co.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:03:25 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
79930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 15 Sep 2022 03:03:24 GMT
server
AmazonS3
etag
W/"b6c05a3bfd48e979d8c08b0310b92d76"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gEYvxkd8uBCBRae_31cBpsbRepsW2qkqOCwcK7tbNrtKagjhERlO4A==
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1KF5K7BKBZ&gtm=2oe9e0&_p=724422589&cid=2005834889.1663290936&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663290935&sct=1&seg=0&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&dt=Glossy&en=page_view&_fv=1&_ss=1&ep.author_dl=none&ep.category_dl=Naslovna&ep.subcategory_dl=none&ep.article_id_dl=none&ep.date_dl=none&ep.time_dl=none&ep.page_type_dl=home
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1KF5K7BKBZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glossy.espreso.co.rs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
350 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M15919DSXJ&gtm=2oe9e0&_p=724422589&cid=2005834889.1663290936&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663290935&sct=1&seg=0&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&dt=Glossy&en=page_view&_fv=1&_ss=1&ep.author_dl=none&ep.category_dl=Naslovna&ep.subcategory_dl=none&ep.article_id_dl=none&ep.date_dl=none&ep.time_dl=none&ep.page_type_dl=home
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M15919DSXJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://glossy.espreso.co.rs
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=322513038446696&ev=PageView&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&rl=&if=false&ts=1663290935913&sw=1600&sh=1200&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.2.1663290935912.447562401&it=1663290935704&coo=false&rqm=GET
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 16 Sep 2022 01:15:35 GMT
rexdot.js
gars.hit.gemius.pl/__/_1663290935997/
Redirect Chain
  • https://gars.hit.gemius.pl/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espr...
  • https://gars.hit.gemius.pl/__/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.e...
169 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gars.hit.gemius.pl/__/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.iQXWcUXBc0fz.Hi8sdGZAMKvOJe3s3MKg67zo0o0Iz.B7lS9x9EhUuUCgHyyxfadpYfmpPxIXfU4ABIWwL.dcGIWve0/JvkqdbENSPMRF/&ltime=318&fpdata=oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Server
141.95.172.70 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3214309.ip-141-95-172.eu
Software
GHC /
Resource Hash
336a3a236ec241531ec60ebd7921dbb1ec7e5903b89ea8e387e05bfc598b0607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
server
GHC
expires
Thu, 15 Sep 2022 01:15:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Sep 2022 01:15:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1663290935997/rexdot.js?l=100&id=.Wqab_7.PymlI6QznIZAr5eCDkaUbycwxOudM3_kSXz.M7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fglossy.espreso.co.rs%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=.iQXWcUXBc0fz.Hi8sdGZAMKvOJe3s3MKg67zo0o0Iz.B7lS9x9EhUuUCgHyyxfadpYfmpPxIXfU4ABIWwL.dcGIWve0/JvkqdbENSPMRF/&ltime=318&fpdata=oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37&inner=_ver%3D329%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
server
GHC
expires
Thu, 15 Sep 2022 01:15:36 GMT
/
www.kurir.rs/news_widget_amc/ Frame 0351 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Requested by
Host: pym.nprapps.org
URL: https://pym.nprapps.org/pym.v1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
e7053e6d6b0130170605d627dcc8e68c3f94edd7141a552b68a72cdd320493a3

Request headers

Referer
https://glossy.espreso.co.rs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-length
6699
content-type
text/html; charset=UTF-8
date
Fri, 16 Sep 2022 01:15:36 GMT
expires
0
server
Haste
vary
Accept-Encoding
x-backend-server
kurir-web4 time for request D=8301
x-haste-cache
MISS
x-haste-cacheable
YES
x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr3--0
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr3.itplatforma.com
x-haste-perspective
desktop
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22pLW1P-3X_Ppr5%22%2C%22domain%22%3A%22glossy.espreso.co.rs%22%2C%22publisher%22%3A%22espreso%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22QB8FGsk2aBcmiA3LxMazag%22%2C%22clientTimestamp%22%3A1663290936012%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-uikpv18xwpmrio2siu5l%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.221.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-221-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://glossy.espreso.co.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Sep 2022 01:15:36 GMT
content-length
2
content-type
text/plain; charset=utf-8
logo.png
www.espreso.co.rs/resources/images/header/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.espreso.co.rs/resources/images/header/logo.png
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.15.154.187 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.espreso.rs
Software
Haste /
Resource Hash
a1140d57421ae5baa9e14a690f2bac09054b2a9d355829623cbd719d845f3639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.15.154.187)/http-in/be_cache_varnish/haste-fr3--0
date
Fri, 16 Sep 2022 01:03:34 GMT
age
721
x-haste-cache
HIT
x-haste-debug-backend
espresoTHQ
x-haste-node
haste-fr3.itplatforma.com
x-backend-server
espreso-web2 time for request D=442
content-length
7095
x-haste-perspective
desktop
last-modified
Thu, 11 Feb 2021 10:20:00 GMT
server
Haste
etag
"1bb7-5bb0cdcbc03a0"
content-type
image/png
cache-control
max-age = 315360000, public
x-haste-hits
1
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
pym.v1.min.js
www.kurir.rs/resources/js/ Frame 0351 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kurir.rs/resources/js/pym.v1.min.js
Requested by
Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
ff3587135389fc0f7399474f84d6bff086059dbcb13d9b4e64b495d72ba4e4c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr2--0
date
Fri, 16 Sep 2022 00:45:36 GMT
content-encoding
gzip
age
1799
x-haste-cache
HIT
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr2.itplatforma.com
x-backend-server
kurir-web5 time for request D=1003
content-length
2193
x-haste-perspective
last-modified
Mon, 08 Mar 2021 12:00:56 GMT
server
Haste
etag
"1bc3-5bd052fba376f-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age = 315360000, public
x-haste-hits
360
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
2825203_belivuk-miljkovic_ls-s.jpg
www.kurir.rs/data/images/2021/12/09/18/ Frame 0351 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kurir.rs/data/images/2021/12/09/18/2825203_belivuk-miljkovic_ls-s.jpg
Requested by
Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
b6d0aebfb47d4753cbebc147f100030b2d3903f75be8a43d5adc749fb531866d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr3--0
date
Fri, 16 Sep 2022 01:15:19 GMT
age
16
x-haste-cache
HIT
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr3.itplatforma.com
x-backend-server
kurir-web5 time for request D=898
content-length
41162
x-haste-perspective
last-modified
Thu, 09 Dec 2021 17:33:14 GMT
server
Haste
etag
"a0ca-5d2ba004e2efc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age = 315360000, public
x-haste-hits
15
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
3174311_giska_ls-s.jpg
www.kurir.rs/data/images/2022/09/15/12/ Frame 0351 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kurir.rs/data/images/2022/09/15/12/3174311_giska_ls-s.jpg
Requested by
Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
6161984dd7aa2164b15442045878ed556639e739f57f8da6a4589e444be49bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr3--0
date
Fri, 16 Sep 2022 01:15:20 GMT
age
15
x-haste-cache
HIT
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr3.itplatforma.com
x-backend-server
kurir-web4 time for request D=1317
content-length
29417
x-haste-perspective
last-modified
Thu, 15 Sep 2022 10:38:23 GMT
server
Haste
etag
"72e9-5e8b4d8417561"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age = 315360000, public
x-haste-hits
9
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
1646435_profimedia0375134740_ls-s.jpg
www.kurir.rs/data/images/2018/10/15/13/ Frame 0351 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kurir.rs/data/images/2018/10/15/13/1646435_profimedia0375134740_ls-s.jpg
Requested by
Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
68f9ec7245f3923704b8eca75dfe216dd7f5d8e7a22bc844926c6e110f034ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr3--0
date
Fri, 16 Sep 2022 01:08:36 GMT
age
419
x-haste-cache
HIT
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr3.itplatforma.com
x-backend-server
kurir-web3 time for request D=1353
content-length
31985
x-haste-perspective
last-modified
Mon, 15 Oct 2018 11:31:48 GMT
server
Haste
etag
"7cf1-57842c8596208"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age = 315360000, public
x-haste-hits
253
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
3174931_nevreme_ls-s.jpg
www.kurir.rs/data/images/2022/09/15/20/ Frame 0351 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kurir.rs/data/images/2022/09/15/20/3174931_nevreme_ls-s.jpg
Requested by
Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
1abba0829c14225773b18f65ae4251f2820744c54fdb34774adc72476f6b0617

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr3--0
date
Fri, 16 Sep 2022 01:15:20 GMT
age
15
x-haste-cache
HIT
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr3.itplatforma.com
x-backend-server
kurir-web1 time for request D=1203
content-length
24396
x-haste-perspective
last-modified
Thu, 15 Sep 2022 18:42:31 GMT
server
Haste
etag
"5f4c-5e8bb9baa6953"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age = 315360000, public
x-haste-hits
11
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
3174509_untitled3_ls-s.jpg
www.kurir.rs/data/images/2022/09/15/15/ Frame 0351 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kurir.rs/data/images/2022/09/15/15/3174509_untitled3_ls-s.jpg
Requested by
Host: www.kurir.rs
URL: https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.159.89.0 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
www.kurir.rs
Software
Haste /
Resource Hash
fb95b63ea48ac69cc33857339d608d1022dd9cb9772fb6820f3623c0ce9bca44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.kurir.rs/news_widget_amc/?website=glossy&source=widget&campaign=adria_internal&initialWidth=300&childId=kurir-sidebar-widget&parentTitle=Glossy&parentUrl=https%3A%2F%2Fglossy.espreso.co.rs%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-haste-cfg
217.64.151.32->haste-fr3.itplatforma.com(51.159.89.0)/http-in/be_cache_varnish/haste-fr2--0
date
Fri, 16 Sep 2022 01:15:21 GMT
age
14
x-haste-cache
HIT
x-haste-debug-backend
kurirTHQ
x-haste-node
haste-fr2.itplatforma.com
x-backend-server
kurir-web4 time for request D=1388
content-length
35245
x-haste-perspective
last-modified
Thu, 15 Sep 2022 13:19:50 GMT
server
Haste
etag
"89ad-5e8b719ad466e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age = 315360000, public
x-haste-hits
9
accept-ranges
bytes
x-haste-cacheable
YES
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=322513038446696&ev=Microdata&dl=https%3A%2F%2Fglossy.espreso.co.rs%2F&rl=&if=false&ts=1663290936417&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Glossy%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Glossy%22%2C%22og%3Aimage%22%3A%22%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fglossy.espreso.co.rs%2F%22%2C%22og%3Asite_name%22%3A%22Glossy%22%2C%22og%3Adescription%22%3A%22%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fglossy.rs%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.81&r=stable&ec=1&o=30&fbp=fb.2.1663290935912.447562401&it=1663290935704&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: glossy.espreso.co.rs
URL: https://glossy.espreso.co.rs/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://glossy.espreso.co.rs/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 01:15:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 16 Sep 2022 01:15:36 GMT

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| __tcfapi function| __uspapi string| addr string| server_request_uri string| server_href boolean| comment_report_reqire_login string| login_system string| login_server string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event string| cdSiteContentCategory string| cdSiteContentSubcategory string| cdSiteContentPageType string| cdArticleDatePublish string| cdArticleDatePublishNewFormat string| cdArticleTimePublish string| cdArticleAuthor string| cdArticleId string| GoogleAnalyticsObject function| ga object| dataLayer object| googletag object| pubjelly function| fbq function| _fbq function| getCookie string| userFirstLastName string| userAvatar object| userProfileLink undefined| sharewindow function| processGoogleABTestToken function| searchHeaderBtn function| searchHeader function| searchForm function| sideBoxTabs number| get_tpl_i function| get_tpl function| removeElement function| nl2br object| $mediaSlider object| $mediaThumb object| $window function| socFollow function| stickyHead function| equalHeight function| trim function| isEmail function| loadAntibot function| poll_init function| poll_check_votes function| poll_vote function| poll_show_results function| poll_show_answers function| getImagesFromLive function| slideToSlide function| setMediaDescription function| _slice function| _slicedToArray function| _extends function| _toConsumableArray function| checkIfUserIsLoggedIn function| checkUserPreviousScrollPosition function| checkStrength function| addendLoader function| removeLoader function| setCookie function| checkCookie function| openLoginModal function| logOut function| resetAllValidationFields function| userProfile function| openRegisterModal function| showErrorMessage function| hideErrorMessage function| uploadAvatar function| getUrlVars function| removeHash boolean| com_loading function| com_load_more function| com_list number| antibot_id object| antibot_timeout function| com_form_init function| com_preview_init function| com_close_reply function| com_reset_antibot function| dataSet function| dataPush function| dataGet function| $ function| jQuery object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley string| loader boolean| finishLoding object| toastr object| container object| script object| _sf_async_config object| _qevents object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| timeout object| gemius_cmpclient object| gemius_cookie object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt object| $jscomp function| $jscomp$lookupPolyfilledValue object| __pubJellyRuntime object| pbjs object| regeneratorRuntime function| __tcfapiui object| ggeac object| google_js_reporting_queue object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| cmd string| pjSlotID undefined| google_measure_js_timing object| pym

16 Cookies

Domain/Path Name / Value
.espreso.co.rs/ Name: _gid
Value: GA1.3.37668775.1663290936
.espreso.co.rs/ Name: _gat
Value: 1
.espreso.co.rs/ Name: _gat_tstTracker
Value: 1
.espreso.co.rs/ Name: _cb
Value: DRNFXYCBUXJkCSCYYR
.espreso.co.rs/ Name: _chartbeat2
Value: .1663290935744.1663290935744.1.jeMZhD1PWNcCSWQoUBzJfiRC-bNpd.1
.espreso.co.rs/ Name: _cb_svref
Value: null
.espreso.co.rs/ Name: __gfp_64b
Value: oTu8RbjfaAIzGcqo3G3AEznI1G8ucoJGS.bIqyubbGX.37|1663290935
.espreso.co.rs/ Name: _ga_1KF5K7BKBZ
Value: GS1.1.1663290935.1.0.1663290935.0.0.0
.espreso.co.rs/ Name: _ga
Value: GA1.1.2005834889.1663290936
.espreso.co.rs/ Name: _ga_M15919DSXJ
Value: GS1.1.1663290935.1.0.1663290935.0.0.0
.espreso.co.rs/ Name: _fbp
Value: fb.2.1663290935912.447562401
glossy.espreso.co.rs/ Name: X-Proxy-To
Value: glossy-web1
.facebook.com/ Name: fr
Value: 0G74QCbcwxKn0cQhB..BjI843...1.0.BjI843.
glossy.espreso.co.rs/ Name: qcSxc
Value: 1663290935981
.hit.gemius.pl/ Name: Gtest
Value: KlxDwMMGQMQGQeTGlXrLkX8issGMXP8c25nSGol6VEnwoO1isG..
.hit.gemius.pl/ Name: Gdyn
Value: KlGL0RXGQMQGQeTGlXrLkX8issGMXP8c25nSGol6VEnwoOMiGsRPIQlGvGQp1R48SsL8RDcGFsCBI8l8MG..

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.cmp.quantcast.com
cmp.quantcast.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gars.hit.gemius.pl
glossy.espreso.co.rs
glossy.espreso.rs
ls.hit.gemius.pl
ping.chartbeat.net
pym.nprapps.org
quantcast.mgr.consensu.org
region1.google-analytics.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
test.cmp.quantcast.com
www.adriamediacontent.com
www.espreso.co.rs
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.kurir.rs
141.95.172.70
146.59.30.108
18.196.221.202
18.66.15.8
185.80.68.11
185.80.68.6
2001:4860:4802:32::36
2001:4860:4802:34::178
2600:9000:20eb:5200:6:44e3:f8c0:93a1
2600:9000:20eb:b600:18:1fcd:351:7bc1
2600:9000:21f3:3600:9:46dc:4700:93a1
2600:9000:21f3:6400:9:46dc:4700:93a1
2600:9000:21f3:ca00:3:a4cd:8380:93a1
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2004
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9b
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8083:face:b00c:0:25de
3.229.73.40
51.15.154.187
51.159.89.0
047ed5c1bcaea807f1edb61af9be9d808c474d7ae00dd2577067ad4adbcffd29
07972f12994eb405d291a4584d3cec9262e657f789053b67de1b1d71d6f09c62
0dbd7850bc1b3a91738aea104819a7909e940972a1c04c30e0d37ff1d39fefd8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1743622310a6527c8b495a48b8e30112b93d88c2b3061868f1b711b1cc05329a
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c
1a8635c7077b20e45b38d58f63b6562a47630e137c0e2c68b5b31611a8524a15
1abba0829c14225773b18f65ae4251f2820744c54fdb34774adc72476f6b0617
22882a69a2cd613b25bc774dded2d9d71c97bf0677d764e8bd270402a6802688
2cd568d4ba898ae20d0f741f2466b121cb86c03d711d3e9f3892100a8bbea56a
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
336a3a236ec241531ec60ebd7921dbb1ec7e5903b89ea8e387e05bfc598b0607
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
39e110d013cee5277b6be02ea51c5b08319dd79697aa19bd2a191f47d7ca26fb
3a4814c97b17e6a068e7a7a6f2946ff6afb12e07fe0940ec453a8de5bf81720c
3b6e1f76d5ac7e6a50586fc2524e0d0256c4e4986ed9ce37e68e47bd9476d5e1
46c2253a990373efcab1c600a6e1c731e5a971b0eecb0358ae53d1fbd7e16ada
4935de7697aa50b80210d5a6ad727536b081eb371c3f7f5fcabf86b606d1c2a4
4a9337bf6da81f33115899dc2e7ae5c50c313a357c46643b52c5bed7db9a88b1
52ad44cbdaf2f972f4b191524ac999658e08f708b39d26da8f958a4b5aef69f2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5748bca185df924fff062d93fb5b13bad5bb43de8a26f4a966c2094795c38af5
5910ae5e092aa5a466567675e4b5c665432b691cfc8c9bec2b38487c1e13762d
6161984dd7aa2164b15442045878ed556639e739f57f8da6a4589e444be49bb0
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
68f9ec7245f3923704b8eca75dfe216dd7f5d8e7a22bc844926c6e110f034ac2
733d26f489d3755dc78c812d20a3184aa9c7989788403633dfdce968138070db
7555c01f42a29c745c6c551a000359333ed30bfb1a55db3ba988c25d2c0a620b
765c6a713ced0be1df95a2d9f298aa537715d6f2785056ada3a3edfa1fab58cb
774cccb3a1a7bcbb8cc8733c59949a40514a4de8a777152780c1475683e5fe5c
7ebf3024d7091007d0635f6f729158fd7168e2af56748254e80a0389f98a4abf
7f5ca9f79acd440b5ebc89bd5496128cc2d42ad694a6d62ccab96af27433676b
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
879786857ec79ae37d4eb158bea957154445288c96fd1c9525d6509772f50cad
8bd5d4c222c02f04991874ce321a05428be09b19114a102516db09a28d52b89f
8c5a62c74692dd5d707767c763842fa3a199c5d50b526f2a138747af21ba6202
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
9c554e72a436416abbe394756db7f18accf072518a08e6c101458782cf5a5762
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1140d57421ae5baa9e14a690f2bac09054b2a9d355829623cbd719d845f3639
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e
ae3927aec248f434f15d5ba967fc2ce04d7b2364b3e9f713adfb572f0b33de7b
b6d0aebfb47d4753cbebc147f100030b2d3903f75be8a43d5adc749fb531866d
b7f736144a4c3c86a1e620f94d91b3c0eedcadac33888203e554dc2e7c3cfa66
ba289fbc443bb0a3befc92c5f5d1792a8b57bb4914777301ed440b9406e22348
bb451d0ad8a289e141123d818a20a362fa02fe031f62d09e99542d185a60a254
c2aef430ad430749217bade369222529382149db64f9e70f5450638892f61359
c7c2ca46c67efb0492283d49524836c80acc2c3b367e2b2c9018a2cc3fe5b638
cd0564106c40c0d22e2b8fd12f552d0beb6bc1f44d0e9e1a744ff86a811d1ebb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d967e05002c52b775e3f42bd7a708b63079283f3a54576644042a7481c7eeb12
de16d366d41371123be44b390d4d9dcf2d45685d80c6f1bea51a6d63a536a743
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1943215b583d734488e4b3c5071b0e496385441cf2c58c302756251de7540c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f6fbc32fcd5ad78163e569eb7a1cf538d3d254ee5eaed8891fd414dd11192
e7053e6d6b0130170605d627dcc8e68c3f94edd7141a552b68a72cdd320493a3
ea9b20bf113c01e5234c3a622db0edf2ec574e9cf734604946aae01936b15913
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45581dea4766aea93a359e45adda424af1d2ff21bcde51362c339c8ae4b35ed
fb95b63ea48ac69cc33857339d608d1022dd9cb9772fb6820f3623c0ce9bca44
ff3587135389fc0f7399474f84d6bff086059dbcb13d9b4e64b495d72ba4e4c7