urlscan.io logo urlscan.io
SecurityTrails logo

www.hespress.com Open in urlscan Pro
2606:4700::6812:17c4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hespress.com/
Effective URL: https://www.hespress.com/
Submission: On August 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 15 domains to perform 75 HTTP transactions. The main IP is 2606:4700::6812:17c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 539877.
TLS certificate: Issued by WE1 on August 3rd 2024. Valid for: 3 months.
This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

38    2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hespress.com
i1.hespress.com
1    172.67.181.58 (United States)

ASN13335 (CLOUDFLARENET, US)
pahter.tech
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.67.138.21 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
5    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
pagead2.googlesyndication.com
2    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
www.google.de
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
ep1.adtrafficquality.google
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
38 hespress.com
www.hespress.com — Cisco Umbrella Rank: 539877
i1.hespress.com — Cisco Umbrella Rank: 399891
2 MB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
237 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3773
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662
132 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
191 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
181 KB
2 adtrafficquality.google
ep1.adtrafficquality.google
ep2.adtrafficquality.google
19 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
175 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 129
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
6 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6716
63 B
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 57067
108 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 pahter.tech
pahter.tech — Cisco Umbrella Rank: 456002
3 KB
75 15
Domain Requested by
34 i1.hespress.com www.hespress.com
i1.hespress.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.hespress.com
pagead2.googlesyndication.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.hespress.com www.hespress.com
i1.hespress.com
static.cloudflareinsights.com
3 fonts.gstatic.com
2 www.facebook.com www.hespress.com
2 region1.analytics.google.com www.googletagmanager.com
2 aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 connect.facebook.net www.hespress.com
connect.facebook.net
2 www.googletagmanager.com www.hespress.com
www.googletagmanager.com
2 www.gstatic.com www.hespress.com
2 securepubads.g.doubleclick.net www.hespress.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 tpc.googlesyndication.com ep2.adtrafficquality.google
1 ep2.adtrafficquality.google securepubads.g.doubleclick.net
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 www.google.de www.hespress.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 palibzh.tech pahter.tech
1 static.cloudflareinsights.com www.hespress.com
1 pahter.tech www.hespress.com
75 22
Subject Issuer Validity Valid
hespress.com
WE1		 2024-08-03 -
2024-11-01		 3 months crt.sh
pahter.tech
WE1		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
palibzh.tech
WE1		 2024-08-06 -
2024-11-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.google.de
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
adtrafficquality.google
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.hespress.com/
Frame ID: ED62CCA4AE5CBEE0595404A6B9D5FF2A
Requests: 72 HTTP requests in this frame

Frame: https://aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5AAFF752DAACCD9B0708AE5B93C9381A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E57D6AA97CBDB39E4B67CAD4BB56CF13
Requests: 1 HTTP requests in this frame

Frame: https://aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F1FBA520647C75A433945F3762D1894
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Page URL History Show full URLs

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

75
Requests

99 %
HTTPS

64 %
IPv6

15
Domains

22
Subdomains

23
IPs

3
Countries

2994 kB
Transfer

6567 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hespress.com/
Redirect Chain
  • http://www.hespress.com/
  • https://www.hespress.com/
249 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
5abb43cb1046a6b7e7f9b80352382f655e5a3dbc317df27db2737eaea96067f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
42
cf-cache-status
HIT
cf-ray
8bb5d6c8eedc18d5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 15:33:24 GMT
last-modified
Fri, 30 Aug 2024 15:32:42 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache
HIT HR
x-powered-by
PHP/7.4.13

Redirect headers

Location
https://www.hespress.com/
Non-Authoritative-Reason
HttpsUpgrades
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
14679169
etag
W/"6567ba7a-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8bb5d6c9de121c6d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
14683804
etag
W/"6567ba7a-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8bb5d6c9de101c6d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
14679169
etag
W/"6567ba7a-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8bb5d6c9de0c1c6d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hespress.com.js
pahter.tech/c/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahter.tech/c/hespress.com.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BWSG1GMXVTBDS1S1
age
1197
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2289
x-amz-id-2
bf+IzZY3z8XS4EhM0t6dXIBUTiGuNT81BqoOgwDGy1Rye4iHW0h0fAALXbbwUm5a/DEDnhqVvbk=
last-modified
Thu, 08 Feb 2024 12:06:52 GMT
server
cloudflare
etag
"3f02c9d26139d05930116dc637a9e68e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FONWyEit9jSzpMBC2bPh8bpXLaBE%2BoXxTnLFpJCni9LHnnCw4CebVNSbL3J3CddeNvXJQq3fmCQoBHKkwQse0auOjmAe1g%2BWNUE0Pe5%2Bot%2BKYoTkrLX5HLqHY1VydQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bb5d6c9b8f2bbf8-FRA
desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/ 		401 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 28 Jun 2024 23:21:34 GMT
server
cloudflare
age
5413809
cf-polished
origSize=412232
etag
W/"667f457e-64a48"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
8bb5d6c9afcd18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f45045878eee5e09bb1bf16f3865e0dd604308ff1c9af0216f2ebff3bc60d5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32614
x-xss-protection
0
server
cafe
etag
706 / 19965 / m202408270101 / config-hash: 14354500860261976811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 15:33:24 GMT
tribunal-police-copie.jpg
i1.hespress.com/wp-content/uploads/2024/05/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/tribunal-police-copie.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b9d90d30e5650a6ca19586307bc013c1df2305ce7996b5699bb90eeafd633c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
698274
cf-polished
qual=85, origFmt=jpeg, origSize=83252
content-disposition
inline; filename="tribunal-police-copie.webp"
content-length
41206
cf-bgj
imgq:85,h2pri
last-modified
Tue, 21 May 2024 01:22:53 GMT
server
cloudflare
etag
"664bf76d-14534"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6c9afce18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Prix-du-poulet-en-hausse-2.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Prix-du-poulet-en-hausse-2.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46fcc6c6b461a0fbb6e04001b1cef826e6c53c3e058a8735c6163ba8a094412

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
460851
cf-polished
qual=85, origFmt=jpeg, origSize=94178
content-disposition
inline; filename="Prix-du-poulet-en-hausse-2.webp"
content-length
53844
cf-bgj
imgq:85,h2pri
last-modified
Sat, 24 Aug 2024 14:52:58 GMT
server
cloudflare
etag
"66c9f3ca-16fe2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6c9afcf18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 08:44:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6546
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Aug 2025 08:44:12 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 17:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 29 Aug 2025 17:57:37 GMT
script.min.js
i1.hespress.com/wp-content/themes/hespressar/js/ 		210 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 23:21:34 GMT
server
cloudflare
age
5415106
etag
W/"667f457e-34973"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8bb5d6ca083e18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8bb5d6ca7e0c1c9f-FRA
gtm.js
www.googletagmanager.com/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b527f31cac6ead2be6b29bd17dc289d87a984a2dac3bd5682cf5e7640903f391
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73792
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Aug 2024 15:33:24 GMT
sprite.svg
www.hespress.com/wp-content/themes/hespressar/ 		215 KB
57 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
265
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300
cf-ray
8bb5d6ca287c18d5-FRA
expires
Fri, 30 Aug 2024 15:38:24 GMT
projectagora.min.js
palibzh.tech/libs/ 		386 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad7c056a84b856d1891583faacba535c3e8761654dadd0fa218902cb02d71eb

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HVPCNQY21FVAPMP5
age
5126
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.34.1
alt-svc
h3=":443"; ma=86400
content-length
110046
x-amz-id-2
ATbjHV2LL0JQsx91bQgiuNCdKf+a/4vgg4OtWvZbdxdI+Oa4dbsgPNSLVPAnZUf0Ky7z5t0tW80=
last-modified
Wed, 28 Aug 2024 12:03:52 GMT
server
cloudflare
etag
"a593222610a8c0a326b820633b44c334"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RGkDzRMFiB3Oyj7BvBSPWvJ5wIGnDm05MXC%2B2wn1cUTMU%2FJyOUXnblez3JlJRbeS7Z%2BagVq96ON%2FExQf6z1QX9E3CZMAAJfcfzn%2FnjQtqdZEMQ4VxX2C11pJ2%2B8uSt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bb5d6ca7dcebb53-FRA
sprite.svg
i1.hespress.com/wp-content/themes/hespressar/ 		215 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
107
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
8bb5d6ca88d018d5-FRA
expires
Fri, 30 Aug 2024 15:38:24 GMT
shows-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespress/img/shows-bg.jpg
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
678747
cf-polished
qual=85, origFmt=jpeg, origSize=125674
content-disposition
inline; filename="shows-bg.webp"
content-length
42292
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 15:00:22 GMT
server
cloudflare
etag
"64527706-1eaea"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6ca88d218d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
139082
cf-polished
origFmt=png, origSize=4471
content-disposition
inline; filename="placeholder.webp"
content-length
3412
cf-bgj
imgq:85,h2pri
last-modified
Sat, 14 Nov 2020 22:53:56 GMT
server
cloudflare
etag
"5fb06004-1177"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6ca88d518d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 06:25:03 GMT
server
cloudflare
age
4991459
etag
"5fcf1c3f-d360"
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cb0f9e1c6d-FRA
content-length
54112
expires
Thu, 31 Dec 2037 23:55:55 GMT
hamza.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hamza.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe37752cde309f1f686617252fcbe9432d08e72c49e9e248268cffe20fe001a7

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
146728
cf-polished
qual=85, origFmt=jpeg, origSize=98877
content-disposition
inline; filename="hamza.webp"
content-length
81038
cf-bgj
imgq:85,h2pri
last-modified
Tue, 27 Aug 2024 22:02:09 GMT
server
cloudflare
etag
"66ce4ce1-1823d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac92918d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
KIf.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/KIf.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ff1c3d1c49146d6664c1f466319044a248493275a42e7fc9b949788edf4c47

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
243094
cf-polished
degrade=85, origSize=158233, status=webp_bigger
content-length
58566
cf-bgj
imgq:85,h2pri
last-modified
Tue, 27 Aug 2024 21:52:10 GMT
server
cloudflare
etag
"66ce4a8a-26a19"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac92a18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
maroc.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/maroc.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4599d035693583167b496debdecfaf3c1d6affeb166a5a34c46cd39fa1c4cd

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
585105
cf-polished
qual=85, origFmt=jpeg, origSize=107133
content-disposition
inline; filename="maroc.webp"
content-length
73990
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Aug 2024 21:40:48 GMT
server
cloudflare
etag
"66c901e0-1a27d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac92b18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hakona-batata.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hakona-batata.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85ad4cddbf44e81505ede9fffe8cccdd44f4685007a9b410aeef1c5bd9e3f22

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
671497
cf-polished
qual=85, origFmt=jpeg, origSize=94921
content-disposition
inline; filename="hakona-batata.webp"
content-length
65374
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Aug 2024 22:37:18 GMT
server
cloudflare
etag
"66c7bd9e-172c9"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac92d18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hanane.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Hanane.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d4049b84b5928a84edbd20ef8df0a9959a2a91890857a79c1fd0e70770b587

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
757871
cf-polished
degrade=85, origSize=174114, status=webp_bigger
content-length
64554
cf-bgj
imgq:85,h2pri
last-modified
Wed, 21 Aug 2024 20:51:46 GMT
server
cloudflare
etag
"66c65362-2a822"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac92f18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mpox.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/mpox.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad8ac8587dc09a7d740f9e5a306544ebab546575962f7db937ad4e2ccdbd0f8

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
1103538
cf-polished
degrade=85, origSize=95568, status=webp_bigger
content-length
80808
cf-bgj
imgq:85,h2pri
last-modified
Sat, 17 Aug 2024 18:04:58 GMT
server
cloudflare
etag
"66c0e64a-17550"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac93018d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
parking-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/parking-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
245bb37b86c200540b43846e6dacb832fcaed9bdf325732a00bf7c5f08439ffa

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
1189879
cf-polished
degrade=85, origSize=95705, status=webp_bigger
content-length
78006
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Aug 2024 20:04:46 GMT
server
cloudflare
etag
"66bfb0de-175d9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cac93118d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
benaissa_ep7.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/benaissa_ep7.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684de390bc25cf90e6954aa0eaa0e501f332ff56db44e183bc7ad87b613b5de8

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
1270849
cf-polished
degrade=85, origSize=181097, status=webp_bigger
content-length
72966
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Aug 2024 00:27:29 GMT
server
cloudflare
etag
"66be9cf1-2c369"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad93c18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jardin-casa.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/jardin-casa.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
298fec68debf03af9d988b550b3252fe26d6e21d02e797ded011bc988dd9c7f5

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
6962
cf-polished
degrade=85, origSize=121553, status=webp_bigger
content-length
95721
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 11:20:22 GMT
server
cloudflare
etag
"66d1aaf6-1dad1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad93d18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Maladie-rare.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Maladie-rare.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a678f2b1553dba269d1a9b5eaa6b319318deb25ec774e9701dfb8c5edc1754d

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
10158
cf-polished
qual=85, origFmt=jpeg, origSize=100837
content-disposition
inline; filename="Maladie-rare.webp"
content-length
79028
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 12:37:58 GMT
server
cloudflare
etag
"66d1bd26-189e5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad93f18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Youabad-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Youabad-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60854517d9de70a5ccb71398c1c530df275a291550885127bfc6ea3a71c0be49

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
13827
cf-polished
qual=85, origFmt=jpeg, origSize=69074
content-disposition
inline; filename="Youabad-1.webp"
content-length
41036
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 13:47:56 GMT
server
cloudflare
etag
"66d1cd8c-10dd2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94218d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hlimi.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hlimi.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec8c2c88d96a4f64dc518a9efe505a01b6c9f98ae16b2bc81254e35d94aea24

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
16983
cf-polished
qual=85, origFmt=jpeg, origSize=63067
content-disposition
inline; filename="hlimi.webp"
content-length
34594
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 12:43:39 GMT
server
cloudflare
etag
"66d1be7b-f65b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94318d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
foum-al-ansar.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/foum-al-ansar.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c92675ae4b9f554b0c032b104f69e559d6be67879b066ca7fbe5fd00d292b

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
18585
cf-polished
qual=85, origFmt=jpeg, origSize=78230
content-disposition
inline; filename="foum-al-ansar.webp"
content-length
50132
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 12:07:01 GMT
server
cloudflare
etag
"66d1b5e5-13196"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94518d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hcp_hlimi.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hcp_hlimi.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec87b0f93e3a2df465ead33e439b3a6a4e293575100dcec53305e5e1fce901a

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
69338
cf-polished
qual=85, origFmt=jpeg, origSize=46962
content-disposition
inline; filename="hcp_hlimi.webp"
content-length
25560
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 21:45:04 GMT
server
cloudflare
etag
"66d0ebe0-b772"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94618d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
kenza.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/kenza.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43b3c99e34e784044aaf0dfed1d0301506703eee2da14fffec4a5c954f84bd7

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
75560
cf-polished
degrade=85, origSize=100538, status=webp_bigger
content-length
85477
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 20:15:09 GMT
server
cloudflare
etag
"66d0d6cd-188ba"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94718d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Baitas.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Baitas.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc55bca7800937f0800a8804ab98ceca7068f9a5b8b1dd227efab6aef5d156c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
87788
cf-polished
qual=85, origFmt=jpeg, origSize=83010
content-disposition
inline; filename="Baitas.webp"
content-length
59336
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 17:04:57 GMT
server
cloudflare
etag
"66d0aa39-14442"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94818d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
INVEST.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/INVEST.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17cc494d88e4a15a21585336a997c0d88e7d0988e0ee195607d2c42c81ff97c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
1472415
cf-polished
qual=85, origFmt=jpeg, origSize=187725
content-disposition
inline; filename="INVEST.webp"
content-length
24034
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Aug 2024 11:38:15 GMT
server
cloudflare
etag
"66b9f427-2dd4d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94b18d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bakkali.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/08/bakkali.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0eba8a5fa79a27e84ef8a8872a18c2dae010ddc9364d82640f65e3d6db42b5

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Aug 2024 02:32:41 GMT
server
cloudflare
age
1436632
cf-polished
degrade=85, origSize=17247, status=webp_bigger
etag
"66bc1749-435f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad94c18d5-FRA
content-length
11272
expires
Thu, 31 Dec 2037 23:55:55 GMT
abdeslam-ahizoun1.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/08/abdeslam-ahizoun1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c141b9cdfaabac40c6baff5e3610a81949d592e8c48f2ca5230b90ab65f4592d

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
244733
cf-polished
qual=85, origFmt=jpeg, origSize=41584
content-disposition
inline; filename="abdeslam-ahizoun1.webp"
content-length
7900
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Aug 2024 23:32:31 GMT
server
cloudflare
etag
"66bbed0f-a270"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad95018d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
CODM.jpg
i1.hespress.com/wp-content/uploads/2024/07/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/07/CODM.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37260611155c3f10fad4f206effb544748d2ae2bb892cc6c030feb2d44669fd9

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
40632
cf-polished
degrade=85, origSize=145959, status=webp_bigger
content-length
91390
cf-bgj
imgq:85,h2pri
last-modified
Thu, 04 Jul 2024 14:33:13 GMT
server
cloudflare
etag
"6686b2a9-23a27"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad95218d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sccm-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/sccm-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540c91e25c979e4b0375c87818b560811e0540e834a86691667b093c8330ce7c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
54419
cf-polished
degrade=85, origSize=120735, status=webp_bigger
content-length
82034
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 15:08:51 GMT
server
cloudflare
etag
"66d08f03-1d79f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad95318d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
khannous-leicester-city.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/khannous-leicester-city.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1615289647bbb0c09a664f3384c64f448abacd93eaaf93e64703c1e25145e536

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
cf-cache-status
HIT
age
64932
cf-polished
qual=85, origFmt=jpeg, origSize=75480
content-disposition
inline; filename="khannous-leicester-city.webp"
content-length
42396
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 23:32:33 GMT
server
cloudflare
etag
"66d10511-126d8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5d6cad95518d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.hespress.com/ 		111 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/?weather_and_prayer
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
bb611f4a1847a0f1b876e27a4550e15756114f8143f621db1fe251d8090001aa

Request headers

Accept
*/*
Referer
https://www.hespress.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
x-nginx-cache
HIT DE
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.13
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8bb5d6cb8a4218d5-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/ 		479 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
eea1688602474180b02e1a6c1e9b2058c98622f78d3d9b9e55211258723e9c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
75310
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152754
x-xss-protection
0
server
cafe
etag
3412434405602474095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:38:14 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82ff39521b558591912a181293f28078072b0fbbe67d1b59e665d2170d174c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104456
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 15:33:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Aug 2024 15:33:24 GMT
document-policy
force-load-at-top
x-fb-server-load
74
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4286, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
KQGDLG5RSGDlPR6KgJZ/dMErSrzH+6IElVAOhA9n7tIaPaSPzBH1JJwbjDbJoxqiiPCjgt3RVFUF/vKstt+nLw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
1
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		130 KB
42 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2097070743577287&correlator=2261163666062503&eid=31083339%2C31086641%2C95341332%2C31079525&output=ldjh&gdfp_req=1&vrg=202408270101&ptt=17&impl=fif&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=1&didk=2462911251&sfv=1-0-40&sc=1&abxe=1&dt=1725032004775&lmt=1725031962&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&td=1&egid=44901&tan=af3e264c-c507-4061-86ab-4cdf7bd9b518&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725032004048&idt=632&adks=337753859&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
779c96e1af3f0bd08131bdc6afb72772156b4cbadab71deea3eb435c19168989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42849
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5AAF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 15:33:25 GMT
expires
Fri, 30 Aug 2024 15:33:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		526 B
249 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2097070743577287&correlator=2261163666062503&eid=31083339%2C31086641%2C95341332%2C31079525&output=ldjh&gdfp_req=1&vrg=202408270101&ptt=17&impl=fif&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=2&didk=1711791774&sfv=1-0-40&sc=1&abxe=1&dt=1725032004790&lmt=1725031962&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&td=1&egid=44901&tan=af3e264c-c507-4061-86ab-4cdf7bd9b519&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725032004048&idt=632&adks=4098979368&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
fed5c51c33b8585a2adca61dda7f0b0abd335f2a7f7c6ec8b83e2ee2873a7221
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
220
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		514 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2097070743577287&correlator=2261163666062503&eid=31083339%2C31086641%2C95341332%2C31079525&output=ldjh&gdfp_req=1&vrg=202408270101&ptt=17&impl=fif&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=525783152&sfv=1-0-40&sc=1&abxe=1&dt=1725032004796&lmt=1725031962&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6916&msz=1x-1&fws=0&ohw=0&td=1&egid=44901&tan=af3e264c-c507-4061-86ab-4cdf7bd9b517&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725032004048&idt=632&adks=432670791&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
4a6a3e084e653ce76fa978eb71366b6cd51b22fbb0f9c1c4da9c09ce2a6c3900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je48s0v869673765z878625843za200zb78625843&_p=1725032004186&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1026282727.1725032005&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725032004&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=915
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 15:33:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=1026282727.1725032005&gtm=45je48s0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 15:33:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=1026282727.1725032005&gtm=45je48s0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1954568885
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 15:33:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
447079109144639
connect.facebook.net/signals/config/ 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/447079109144639?v=2.9.166&r=stable&domain=www.hespress.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
8cf40b3706c53bb422110c21ba26cd8fe3a68340624df2d081df79fca3740237
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Aug 2024 15:33:24 GMT
document-policy
force-load-at-top
x-fb-server-load
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14718
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=68, mss=1232, tbw=66894, tp=62, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
vg4PKLxUjqvMAG027kywC9PKVSgACXFIrkd17m9RulDeAzkJdfUhYyTkEmI5bdUqRfDq0OlebQ1DeyuAES90Gw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1725032005204&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1725032005202.426433157639558544&cs_est=true&ler=empty&cdl=API_unavailable&it=1725032004866&coo=false&rqm=GET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1297, tbw=2825, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Aug 2024 15:33:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1725032005204&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1725032005202.426433157639558544&cs_est=true&ler=empty&cdl=API_unavailable&it=1725032004866&coo=false&rqm=FGET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 30 Aug 2024 15:33:25 GMT
document-policy
force-load-at-top
x-fb-server-load
46
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408956046726552130", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=14, mss=1297, tbw=3142, tp=-1, tpl=-1, uplat=141, ullat=0
pragma
no-cache
x-fb-debug
oB0VXFVY9LbriEySKKheqLqR4ypkI/UMROlMYw4PcKHGWKxX8a4ZHjI53roBYDYuiFy0SdaTRGAzm/IQ4xoi1g==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408956046726552130"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6fd7791e5e325c8b11fce708a7fd55f823b70ee6d0cb46a9b605867bcbc34e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52765
x-xss-protection
0
server
cafe
etag
5768952371408421670
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 30 Aug 2024 15:33:25 GMT
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
461df01305c0ea7ac6bed2544b98747db1f8c9fbbc0c3514a9cbc8dcfab62760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13029
x-xss-protection
0
rum
www.hespress.com/cdn-cgi/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.hespress.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8bb5d6d1e9e918d5-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/ 		429 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cc5170248bfdf1e4a592be72757b4108f7b1cc5fe9dfa40f4e7faceb4795f5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146520
x-xss-protection
0
server
cafe
etag
13913680704821201552
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 15:33:25 GMT
sodar2.js
ep2.adtrafficquality.google/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Aug 2024 15:33:25 GMT
favicon.ico
i1.hespress.com/wp-content/themes/hespressar/icons/ 		868 B
1010 B 		Other
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 11:19:45 GMT
server
cloudflare
age
13778315
etag
W/"5fa925d1-364"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
8bb5d6d35b9218d5-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E57D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
77919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Aug 2024 17:54:46 GMT
expires
Fri, 29 Aug 2025 17:54:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-9809098668305457
fundingchoicesmessages.google.com/i/ 		206 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?href=https%3A%2F%2Fwww.hespress.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcb2b71fdc903f16c9f01919273ccce72c990840604e14baad6331de7bf4f80b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-redmuR3SaR5XUBDAWZO1MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-redmuR3SaR5XUBDAWZO1MQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiJP-nWctAGJ3rYus_kC8JOIi64HEi6yGCpdY7YFYtecSqzEQ3193ifU5EO_9eIn1KBALcXMcO3N8G5vAjbUNjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBhZG5noGRvEFBgCw_ED8"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
container.html
aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F1F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 15:33:25 GMT
expires
Fri, 30 Aug 2024 15:33:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxV_H_eCxnW1JgAz9QSSvFw2CIRP21wbRxTXIBsvdwDydJF6Tzuq0FO2oc72RGYoaaiWvy3KR3fC0hJzVefUa8WN07v2H9k5aeb-FswTLd3SHrB2mZg-dazzLwoq0S0-66hi28mf
fundingchoicesmessages.google.com/f/ 		447 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV_H_eCxnW1JgAz9QSSvFw2CIRP21wbRxTXIBsvdwDydJF6Tzuq0FO2oc72RGYoaaiWvy3KR3fC0hJzVefUa8WN07v2H9k5aeb-FswTLd3SHrB2mZg-dazzLwoq0S0-66hi28mf?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI1MDMyMDA2LDIxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyIsbnVsbCxbWzgsIm1uZmtnZ1JxNzQ0Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b988df37c1b86dbd3c6a360c3079440f9f6ca391f7c5a886b3a69d3ff063a550
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8Af0Um7JVHpLxXx9GjKt1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:33:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8Af0Um7JVHpLxXx9GjKt1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw0JBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYiT_p1nLQBid62LrP5AvCTiIuuBxIushgqXWO2BWLXnEqsxEN9fd4n1ORDv_XiJ9SgQC_FwHDtzfBubwI3H95sYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMLIzM9QyM4gsMAC2xRxA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwjNNVj8kPNq9pbqhf2bIWH1V35nA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Aug 2024 15:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 15:33:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Aug 2024 15:33:26 GMT
uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:21:42 GMT
x-content-type-options
nosniff
age
7904
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5847
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 31 Aug 2024 13:21:42 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 12:26:16 GMT
x-content-type-options
nosniff
age
270430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 12:26:16 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 18:24:42 GMT
x-content-type-options
nosniff
age
76124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Aug 2025 18:24:42 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 12:26:16 GMT
x-content-type-options
nosniff
age
270430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 12:26:16 GMT
AGSKWxX_Bckf4gftlvpK-BxP0XvAmpgwQUYq4PTYl8Xqa1aAu_NpAwUHUsK-asn5IbutIeUpf3sw_NxbZLnnxQ6zQoh1w1yie5xrzdypjxmWoGUKWWerHdl7Wn1e4Tq44Box_WGS0ic8
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_Bckf4gftlvpK-BxP0XvAmpgwQUYq4PTYl8Xqa1aAu_NpAwUHUsK-asn5IbutIeUpf3sw_NxbZLnnxQ6zQoh1w1yie5xrzdypjxmWoGUKWWerHdl7Wn1e4Tq44Box_WGS0ic8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_L-ACcrkC8GYhPsLYSnIhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Aug 2024 15:33:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_L-ACcrkC8GYhPsLYSnIhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOnTm-jU3gxbfDjUxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyMTAwshCz8A0vsAAAIT0Lq4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX_Bckf4gftlvpK-BxP0XvAmpgwQUYq4PTYl8Xqa1aAu_NpAwUHUsK-asn5IbutIeUpf3sw_NxbZLnnxQ6zQoh1w1yie5xrzdypjxmWoGUKWWerHdl7Wn1e4Tq44Box_WGS0ic8
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX_Bckf4gftlvpK-BxP0XvAmpgwQUYq4PTYl8Xqa1aAu_NpAwUHUsK-asn5IbutIeUpf3sw_NxbZLnnxQ6zQoh1w1yie5xrzdypjxmWoGUKWWerHdl7Wn1e4Tq44Box_WGS0ic8
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.mnfkggRq744.es5.O/am=QDA/d=1/rs=AJlcJMwctVC55fA0p5N97fVao6kVU62PNQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oC9D-NwstkmkeZtWB7LpbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Aug 2024 15:33:26 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-oC9D-NwstkmkeZtWB7LpbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15BicEqfwRoCxO5aF1n9gXhJxEXWI4kXWfd-vMR6FIiFeDiOnTm-jU1gRdPVRiYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGJgYWShZ2AaX2AAAFr2Lhc"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je48s0v869673765za200zb78625843&_p=1725032004186&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1026282727.1725032005&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1725032004&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=ad_impression&ep.query_id=COjBr_-EnYgDFT7sEQgd-Nwd8Q&_et=1240&tfd=7174
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 15:33:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408270101&jk=2097070743577287&bg=!iIuli8TNAAakh3bWhIc7ADQBe5WfONspOJX7eRWQNygGSvn0Am2pQxl3IHCTLv3diGHf2FGNx4MWWV9CQVN6O7qy3nkXAgAAAe5SAAAABWgBB34ANpdDGsMfWYtE3jUTNBgjVAqWGBoHLr8jKcQZVohgr3xYrvHiTY41e5paH017JqIIvBfLuD4gHQoAJXw7XSXLT7UeNWIFYhd3nBAmeBo3XFoWIBtEYt3yN79gQa6FVK-ZArRyMw9t_MwbUMqodkBVvz62w-J5lVenqXZqdwcAS7RPpMI6V8HTpik_3q8uLjccJVnHIA5Yf4YBVMbLHJISHnF9kMkIwfqB7-_jmbSx-dzJSdgFa7_CoKimPu9qMSVPhJEI-Z8xwdkt1uhj6KMRTPtDT0zHLet4fUtGRwCJ0uuLhR_Pr0czPgNb6bJp98haZ6keZcGROv6XLPblYnTJP2XCCIFCDn9Y_dmbLU8W_VrnHr2wDJHyw4q81CdvqjW-GhMnieG5sLY215LO8Fob8jv8JcHHbVCn7uYz8P3--E9tYosm3UX79LaK86JVyUbRuWBJCCHNGEjx5pHaVklqKSJxkPz2BFO4K2G1ufZINYkHsw8k4467-YCAi2ceHsMIfbk3JzXLXoFf5osJlZxKyFCw8ggkXLfrGbFppyNJoN5jBAH-A90WacDbfaxl-MEW3Dnfc07zNHVT6JPZ1igxdaYpYASMVYH-LL3nmbnC7Fii5pxbvPKdijXMwC9UVXpToxCQrEFU--HLVqg9ejMkUHmtiLUKU3WGf6AnRt8IOGVBLXvSOjJFi2ZgMN8dh2rpBFVriOVeaE7_3cvv6V5Xj33afNOLelEK1unFetTWznZ1m9YyzlI0Xtqkmyug865Ah_RZk-DYULhUiHMq_NTzWpP-j-TfaXr6ay04DW71XpN9yHCBRc8dhLoKldAxbSPSvfSx4_WYRpVTTXWxb-RJY_0k5Sn4FSlZ12ZeaFP14O_NGqdyzxxreWApL1YqFvcc2OxMPEKxyr5WBa8hpB-e1-S2BV2ovkgfG8lxGWTykT5xoCMMjchfNam3URWYmMnkOzmaYSkEBt8g58LZjznWse3jDGvD-8vbyptGCzNFye4BePm9IfR5lSM6Rry3MKwM4dNHL8ZRNuvjfvbmL0ZXm71UctuI-g

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| refreshAds object| googletag object| dataLayer object| TWAGORAINARTICLE object| firebase object| config function| downloadAdsenseAtOnload object| notificationApp string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| __cfBeacon object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| iFrameResize object| ProjectAgora function| fbq function| _fbq object| google_reactive_ads_global_state number| google_unique_id function| onYouTubeIframeAPIReady object| gaGlobal number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| GoogleGcLKhOms function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjMwNTFjMGNmN2I5NGU4bG9hZGVyX2pz string| MjMwNTFjMGNmN2I5NGU4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

4 Cookies

Domain/Path Name / Value
.hespress.com/ Name: _ga
Value: GA1.1.1026282727.1725032005
.hespress.com/ Name: _fbp
Value: fb.1.1725032005202.426433157639558544
.hespress.com/ Name: __eoi
Value: ID=dae322a3bfed7897:T=1725032005:RT=1725032005:S=AA-AfjbXVAaKwUTxkAG5ECovJdV-
.hespress.com/ Name: _ga_P97QV0GBGK
Value: GS1.1.1725032004.1.0.1725032006.58.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aad489330eb043c85f5aa93e91e7b7de.safeframe.googlesyndication.com
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
pagead2.googlesyndication.com
142.250.185.226
142.250.185.66
157.240.252.13
172.217.16.195
172.67.138.21
172.67.181.58
2001:4860:4802:32::36
216.58.206.34
216.58.206.46
2606:4700::6810:5049
2606:4700::6812:17c4
2a00:1450:4001:802::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2008
2a00:1450:400c:c0c::9c
2a03:2880:f177:83:face:b00c:0:25de
05d4049b84b5928a84edbd20ef8df0a9959a2a91890857a79c1fd0e70770b587
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
1615289647bbb0c09a664f3384c64f448abacd93eaaf93e64703c1e25145e536
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7
1c0eba8a5fa79a27e84ef8a8872a18c2dae010ddc9364d82640f65e3d6db42b5
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
245bb37b86c200540b43846e6dacb832fcaed9bdf325732a00bf7c5f08439ffa
298fec68debf03af9d988b550b3252fe26d6e21d02e797ded011bc988dd9c7f5
37260611155c3f10fad4f206effb544748d2ae2bb892cc6c030feb2d44669fd9
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cc55bca7800937f0800a8804ab98ceca7068f9a5b8b1dd227efab6aef5d156c
461df01305c0ea7ac6bed2544b98747db1f8c9fbbc0c3514a9cbc8dcfab62760
4a678f2b1553dba269d1a9b5eaa6b319318deb25ec774e9701dfb8c5edc1754d
4a6a3e084e653ce76fa978eb71366b6cd51b22fbb0f9c1c4da9c09ce2a6c3900
540c91e25c979e4b0375c87818b560811e0540e834a86691667b093c8330ce7c
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da
5abb43cb1046a6b7e7f9b80352382f655e5a3dbc317df27db2737eaea96067f3
60854517d9de70a5ccb71398c1c530df275a291550885127bfc6ea3a71c0be49
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684de390bc25cf90e6954aa0eaa0e501f332ff56db44e183bc7ad87b613b5de8
6fd7791e5e325c8b11fce708a7fd55f823b70ee6d0cb46a9b605867bcbc34e98
74b9d90d30e5650a6ca19586307bc013c1df2305ce7996b5699bb90eeafd633c
779c96e1af3f0bd08131bdc6afb72772156b4cbadab71deea3eb435c19168989
7ad7c056a84b856d1891583faacba535c3e8761654dadd0fa218902cb02d71eb
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82ff39521b558591912a181293f28078072b0fbbe67d1b59e665d2170d174c01
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8cf40b3706c53bb422110c21ba26cd8fe3a68340624df2d081df79fca3740237
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
8ec8c2c88d96a4f64dc518a9efe505a01b6c9f98ae16b2bc81254e35d94aea24
9c4599d035693583167b496debdecfaf3c1d6affeb166a5a34c46cd39fa1c4cd
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3737d0ba4ac5ecc062f05ae5ff0eb61d6f1da6e80dc0bc852015a377ee39f2b
b43b3c99e34e784044aaf0dfed1d0301506703eee2da14fffec4a5c954f84bd7
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be
b527f31cac6ead2be6b29bd17dc289d87a984a2dac3bd5682cf5e7640903f391
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
b988df37c1b86dbd3c6a360c3079440f9f6ca391f7c5a886b3a69d3ff063a550
bb611f4a1847a0f1b876e27a4550e15756114f8143f621db1fe251d8090001aa
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
c141b9cdfaabac40c6baff5e3610a81949d592e8c48f2ca5230b90ab65f4592d
c27c92675ae4b9f554b0c032b104f69e559d6be67879b066ca7fbe5fd00d292b
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
c85ad4cddbf44e81505ede9fffe8cccdd44f4685007a9b410aeef1c5bd9e3f22
cc5170248bfdf1e4a592be72757b4108f7b1cc5fe9dfa40f4e7faceb4795f5b8
cec87b0f93e3a2df465ead33e439b3a6a4e293575100dcec53305e5e1fce901a
d17cc494d88e4a15a21585336a997c0d88e7d0988e0ee195607d2c42c81ff97c
dcb2b71fdc903f16c9f01919273ccce72c990840604e14baad6331de7bf4f80b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46fcc6c6b461a0fbb6e04001b1cef826e6c53c3e058a8735c6163ba8a094412
e4ff1c3d1c49146d6664c1f466319044a248493275a42e7fc9b949788edf4c47
eea1688602474180b02e1a6c1e9b2058c98622f78d3d9b9e55211258723e9c30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45045878eee5e09bb1bf16f3865e0dd604308ff1c9af0216f2ebff3bc60d5b4
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
fad8ac8587dc09a7d740f9e5a306544ebab546575962f7db937ad4e2ccdbd0f8
fe37752cde309f1f686617252fcbe9432d08e72c49e9e248268cffe20fe001a7
fed5c51c33b8585a2adca61dda7f0b0abd335f2a7f7c6ec8b83e2ee2873a7221