urlscan.io logo urlscan.io
SecurityTrails logo

www.hespress.com Open in urlscan Pro
2606:4700::6812:17c4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://almagharibiya.com.tqf.avw.temporary.site/
Effective URL: https://www.hespress.com/
Submission: On June 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 16 domains to perform 85 HTTP transactions. The main IP is 2606:4700::6812:17c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 511172.
TLS certificate: Issued by E1 on June 5th 2024. Valid for: 3 months.
This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 50.6.160.41 19871 (NETWORK-S...)
34 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 142.250.184.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
10 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 216.58.212.142 15169 (GOOGLE)
85 23
1    50.6.160.41 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 50-6-160-41.unifiedlayer.com
almagharibiya.com.tqf.avw.temporary.site
34    2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hespress.com
i1.hespress.com
4    2606:4700::6812:16c4 (United States)

ASN13335 (CLOUDFLARENET, US)
i1.hespress.com
1    2606:4700:3037::6815:284d (United States)

ASN13335 (CLOUDFLARENET, US)
pahter.tech
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3033::6815:5ea5 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
10    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.google.de
2    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f142.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
38 hespress.com
www.hespress.com — Cisco Umbrella Rank: 511172
i1.hespress.com — Cisco Umbrella Rank: 536885
2 MB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
266 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3125
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
129 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 486
104 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
191 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
176 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
173 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 112
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
6 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 8088
63 B
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 61146
106 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1073
7 KB
1 pahter.tech
pahter.tech — Cisco Umbrella Rank: 422115
3 KB
1 temporary.site
almagharibiya.com.tqf.avw.temporary.site
92 B
85 16
Domain Requested by
34 i1.hespress.com www.hespress.com
i1.hespress.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.hespress.com
pagead2.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.hespress.com www.hespress.com
i1.hespress.com
static.cloudflareinsights.com
3 fonts.gstatic.com
3 tpc.googlesyndication.com www.hespress.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.facebook.com www.hespress.com
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net www.hespress.com
connect.facebook.net
2 www.googletagmanager.com www.hespress.com
www.googletagmanager.com
2 www.gstatic.com www.hespress.com
2 securepubads.g.doubleclick.net www.hespress.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 www.google.de www.hespress.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 palibzh.tech pahter.tech
1 static.cloudflareinsights.com www.hespress.com
1 pahter.tech www.hespress.com
1 almagharibiya.com.tqf.avw.temporary.site 1 redirects
85 22
Subject Issuer Validity Valid
hespress.com
E1		 2024-06-05 -
2024-09-03		 3 months crt.sh
pahter.tech
WE1		 2024-06-13 -
2024-09-11		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
palibzh.tech
WE1		 2024-06-08 -
2024-09-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-03 -
2024-07-02		 3 months crt.sh
*.google.de
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
misc-sni.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.googleusercontent.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.hespress.com/
Frame ID: 77912212DD210D3B847792B11F623080
Requests: 73 HTTP requests in this frame

Frame: https://f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 620FF581E0807930C1B7E2E9C5F42C46
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Frame ID: 8EE648E3DDF7A867A550900DF400DF3D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCAD0AED1B464380BE01B5FDC6CCDEA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Page URL History Show full URLs

  1. https://almagharibiya.com.tqf.avw.temporary.site/ HTTP 302
    https://www.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

85
Requests

98 %
HTTPS

78 %
IPv6

16
Domains

22
Subdomains

23
IPs

3
Countries

2903 kB
Transfer

6616 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://almagharibiya.com.tqf.avw.temporary.site/ HTTP 302
    https://www.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hespress.com/
Redirect Chain
  • https://almagharibiya.com.tqf.avw.temporary.site/
  • https://www.hespress.com/
242 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
5a6d358a8c9f0bb3a77644191f06e4f45098a3a87bfba16b1c4a707a33c6bb5b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
age
12
cf-cache-status
HIT
cf-ray
89951cc739ad8fd6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 12:55:31 GMT
last-modified
Tue, 25 Jun 2024 12:55:19 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache
HIT DE
x-powered-by
PHP/7.4.13

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 25 Jun 2024 12:55:30 GMT
location
https://www.hespress.com
server
Apache
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
122721
etag
W/"6567ba7a-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
89951cc9fa5c8fe2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
1194925
etag
W/"6567ba7a-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
89951cc9fa5b8fe2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
8967297
etag
W/"6567ba7a-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
89951cc9fa568fe2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hespress.com.js
pahter.tech/c/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahter.tech/c/hespress.com.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:284d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y6V3TZ4GNXZ4EYVH
age
6215
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2289
x-amz-id-2
Ld5xJ3zZTNUIXaaresY4k1S0TO/OqIxDLHE2ZbSgWk+Fjy6P+rNvxfGmW36gO2+RT/8z9a3GpxzNDdml2jtWog==
last-modified
Thu, 08 Feb 2024 12:06:52 GMT
server
cloudflare
etag
"3f02c9d26139d05930116dc637a9e68e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrSUpyVPniXKSScugM5VH68yXi5IXxDp9frFIs90O0tWHTYqQBaEZi6hBBNnd3BkJtPmSI7wLYJE%2F1laG91qc3iyH8jiK%2FJ7Erw1PtBRb%2F%2BG07L%2FTBQuLNuic5Sggh6k3pmvfpCMyKLatQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89951cc9f8133a66-FRA
desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/ 		400 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0033814a3a70b538596068ea93395fca5ef438b32bde093f59362e19e11dbaf4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 09 May 2024 22:47:45 GMT
server
cloudflare
age
4025197
cf-polished
origSize=411961
etag
W/"663d5291-64939"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
89951cc96cdf8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3b6e25632f3d376b0c494b805ef2c920da449fa9156b72c101fd1f76b51793e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31910
x-xss-protection
0
server
cafe
etag
81 / 19899 / m202406180101 / config-hash: 5013368816907510940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Jun 2024 12:55:32 GMT
Julian-Assange1.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/Julian-Assange1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1eb5561fe1189304c558fb0db40ca330b2195ac8f59bf818995e648bb1f223

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
1335
cf-polished
qual=85, origFmt=jpeg, origSize=260901
content-disposition
inline; filename="Julian-Assange1.webp"
content-length
54250
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jun 2024 12:54:10 GMT
server
cloudflare
etag
"667abdf2-3fb25"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951cc96ce38fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sit-in-etudients-medcine.jpg
i1.hespress.com/wp-content/uploads/2024/03/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/03/sit-in-etudients-medcine.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
349535014c42270b98f63386fe80cffd295e6ad4bd1c0ffdd237ff79ee6ca5c4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
3855
cf-polished
degrade=85, origSize=95505, status=webp_bigger
content-length
77526
cf-bgj
imgq:85,h2pri
last-modified
Mon, 11 Mar 2024 21:20:07 GMT
server
cloudflare
etag
"65ef7587-17511"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951cc96ce48fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 14:44:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6546
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 20 Jun 2025 14:44:38 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:51:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 14:51:45 GMT
script.min.js
i1.hespress.com/wp-content/themes/hespressar/js/ 		210 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.46
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a22966f8553cf803759c1a3d324a68339f11a9ce2aaefeff03f3f39c8fda3f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
4025227
etag
W/"6626d023-34905"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
89951cca5e248fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89951ccda80a3a68-FRA
gtm.js
www.googletagmanager.com/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9edfd08b69f049801fff56a6b9eaa030b6a588d2961e9923f2ddcf08f8a82ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72963
x-xss-protection
0
last-modified
Tue, 25 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Jun 2024 12:55:32 GMT
sprite.svg
www.hespress.com/wp-content/themes/hespressar/ 		215 KB
57 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.46
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300
cf-ray
89951cca5e278fd6-FRA
expires
Tue, 25 Jun 2024 13:00:32 GMT
projectagora.min.js
palibzh.tech/libs/ 		379 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5093b9715be664c2d990e74b78cf4e17fd43d326efe4edd57c0331ced16cb7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
7FCV47YGP2VD2K2J
age
5793
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.26.2
alt-svc
h3=":443"; ma=86400
content-length
108172
x-amz-id-2
ilqE9zaDAUUyQ/sHJ1leh4uUkqElnd+ZcA441AmvChk5CAHbkRDjHNmczXjNlLJfxIZd6IkPsq/dFfJIg9IFjA==
last-modified
Wed, 22 May 2024 09:06:13 GMT
server
cloudflare
etag
"ab01f6c5749c4dd79df5ac34c8581f87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNklLUfHQVCxg5gGBftH7LANRRoOJa%2BOQIxibEeRUAwq1dUAUJ6FlDTgfvVygOHkIWwATx%2BocOgZB05TZNwTnUyp1DmTs2wb19HX2Zj8qaQVEcW6f8vQnBgzjrTu9bMDJytBrHVYVtQcXV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89951ccdaf9b3673-FRA
sprite.svg
i1.hespress.com/wp-content/themes/hespressar/ 		215 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.45
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
282
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
89951cca8e7f8fd6-FRA
expires
Tue, 25 Jun 2024 13:00:32 GMT
shows-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespress/img/shows-bg.jpg
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
69472
cf-polished
qual=85, origFmt=jpeg, origSize=125674
content-disposition
inline; filename="shows-bg.webp"
content-length
42292
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 15:00:22 GMT
server
cloudflare
etag
"64527706-1eaea"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951cca9e858fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
1194891
cf-polished
origFmt=png, origSize=4471
content-disposition
inline; filename="placeholder.webp"
content-length
3412
cf-bgj
imgq:85,h2pri
last-modified
Sat, 14 Nov 2020 22:53:56 GMT
server
cloudflare
etag
"5fb06004-1177"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951cca9e898fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 06:25:03 GMT
server
cloudflare
age
30818
etag
"5fcf1c3f-d360"
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2bd28fe2-FRA
content-length
54112
expires
Thu, 31 Dec 2037 23:55:55 GMT
DHJ-SITE.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/DHJ-SITE.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802099e5e26f93322f1150e4ed011d60fb125cc74b14a152767515d5947509e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
59811
cf-polished
qual=85, origFmt=jpeg, origSize=232350
content-disposition
inline; filename="DHJ-SITE.webp"
content-length
35572
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 22:00:54 GMT
server
cloudflare
etag
"6679ec96-38b9e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f4b8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Plages_Hamza_site.jpeg
i1.hespress.com/wp-content/uploads/2024/06/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/Plages_Hamza_site.jpeg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c9092231d33275c688a67732dac9ea88e3e54b3b79a0c0434b1723f692869f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
143594
cf-polished
qual=85, origFmt=jpeg, origSize=192079
content-disposition
inline; filename="Plages_Hamza_site.webp"
content-length
72048
cf-bgj
imgq:85,h2pri
last-modified
Sun, 23 Jun 2024 22:37:31 GMT
server
cloudflare
etag
"6678a3ab-2ee4f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f4e8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
eid_.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/eid_.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
794c03f68cb5ef31d7df5471450a41f9ecaea53df90eac5877d5eb175f3ec7e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
748153
cf-polished
qual=85, origFmt=jpeg, origSize=183354
content-disposition
inline; filename="eid_.webp"
content-length
78220
cf-bgj
imgq:85,h2pri
last-modified
Sun, 16 Jun 2024 22:41:08 GMT
server
cloudflare
etag
"666f6a04-2cc3a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f518fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
douik-1.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/douik-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9352a95f817b3486c683f299f6572485c83571488d18f20167ee640327e113cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
403315
cf-polished
qual=85, origFmt=jpeg, origSize=69469
content-disposition
inline; filename="douik-1.webp"
content-length
26240
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Jun 2024 22:05:30 GMT
server
cloudflare
etag
"666e102a-10f5d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f578fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Aid_Adha.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/Aid_Adha.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e5eb85a44b1625658678606ed5764110e5193dec9f9111d762c35ce18be955

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
924738
cf-polished
origSize=46782, status=webp_bigger
content-length
45512
cf-bgj
imgq:85,h2pri
last-modified
Fri, 14 Jun 2024 21:03:51 GMT
server
cloudflare
etag
"666cb037-b6be"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f588fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
kessab.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/kessab.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df567b9a2c69061a85958773ba6f86633374b2abcb9f3b1600ff27b10cbe1e42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
423530
cf-polished
qual=85, origFmt=jpeg, origSize=136189
content-disposition
inline; filename="kessab.webp"
content-length
57208
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jun 2024 22:12:03 GMT
server
cloudflare
etag
"666b6eb3-213fd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f598fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mokhtar.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/mokhtar.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca9f006b0f12ad30234a601607139bd1d8d8fd76b40422c463e9097e4129ee4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
30910
cf-polished
qual=85, origFmt=jpeg, origSize=68511
content-disposition
inline; filename="mokhtar.webp"
content-length
53322
cf-bgj
imgq:85,h2pri
last-modified
Tue, 11 Jun 2024 23:58:21 GMT
server
cloudflare
etag
"6668e49d-10b9f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f5a8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bidon.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/bidon.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c483e36a3fb41215b3aa522f9bc323a112338e7cc1727df49b14318b5373366

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
423413
cf-polished
qual=85, origFmt=jpeg, origSize=220678
content-disposition
inline; filename="bidon.webp"
content-length
102348
cf-bgj
imgq:85,h2pri
last-modified
Fri, 07 Jun 2024 19:40:15 GMT
server
cloudflare
etag
"6663621f-35e06"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f5b8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hamid.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/hamid.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e60cdcfeed5b230df43b1d9d5ebeccb706091c25fb35b33c8c9303311e8fc8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
4367
cf-polished
qual=85, origFmt=jpeg, origSize=90190
content-disposition
inline; filename="hamid.webp"
content-length
37260
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jun 2024 13:03:27 GMT
server
cloudflare
etag
"667ac01f-1604e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb2f5e8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bus.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/bus.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2932c7f8bda852da3c3b5cc5d8d8aea7c15c0bbeea969670bbfa9f849b8f8e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
5534
cf-polished
qual=85, origFmt=jpeg, origSize=129743
content-disposition
inline; filename="bus.webp"
content-length
53520
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jun 2024 13:11:42 GMT
server
cloudflare
etag
"667ac20e-1facf"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fa88fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
haifa.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/haifa.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a67b4d163298c0a3180787a90254d86590a96ff2a3a196eb4b27ff9628267d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
11350
cf-polished
qual=85, origFmt=jpeg, origSize=58262
content-disposition
inline; filename="haifa.webp"
content-length
24178
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jun 2024 11:50:51 GMT
server
cloudflare
etag
"667aaf1b-e396"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fb08fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
nawal_zoghbi.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/nawal_zoghbi.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b6e5ffb1f52a3cda0b3392331785d3d6b6929a70ae514b7de7cd615eff1b969

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
51761
cf-polished
qual=85, origFmt=jpeg, origSize=74234
content-disposition
inline; filename="nawal_zoghbi.webp"
content-length
53370
cf-bgj
imgq:85,h2pri
last-modified
Tue, 25 Jun 2024 00:22:04 GMT
server
cloudflare
etag
"667a0dac-121fa"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fb38fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ryad_oulfa.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/ryad_oulfa.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e95e5b1b7809bcd5b8b536a0a496dc7ce3cc2e6842097e5ed063b539d4917e12

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
53667
cf-polished
degrade=85, origSize=65053, status=webp_bigger
content-length
52839
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 23:55:57 GMT
server
cloudflare
etag
"667a078d-fe1d"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fb58fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ada-1.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/ada-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08f6271b9e93bce360768d37b016b5381e60b7254d5ad7f2d2baa73ad30d452

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
328658
cf-polished
qual=85, origFmt=jpeg, origSize=170998
content-disposition
inline; filename="ada-1.webp"
content-length
81880
cf-bgj
imgq:85,h2pri
last-modified
Fri, 21 Jun 2024 19:31:43 GMT
server
cloudflare
etag
"6675d51f-29bf6"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fb88fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
azzemour.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/azzemour.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
739cc02bc564ec689695536d0e454311b0702d2304bab32f5464324e55655c2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
21321
cf-polished
qual=85, origFmt=jpeg, origSize=120946
content-disposition
inline; filename="azzemour.webp"
content-length
48130
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 15:13:11 GMT
server
cloudflare
etag
"66798d07-1d872"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fba8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
piscine-rabat.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/piscine-rabat.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04dc076cfc952b650c8b7a977dc32a052b3b7866424f9d692ee5326ab743eab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
84228
cf-polished
qual=85, origFmt=jpeg, origSize=127889
content-disposition
inline; filename="piscine-rabat.webp"
content-length
50934
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 15:08:06 GMT
server
cloudflare
etag
"66798bd6-1f391"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fbb8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sitee-2.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/sitee-2.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed3cc855d3f061fceecf031312c481dabb418ca5bfebf9c383d258e75b7ca511

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
407629
cf-polished
status=not_needed
content-length
41750
cf-bgj
imgq:85,h2pri
last-modified
Thu, 20 Jun 2024 21:07:58 GMT
server
cloudflare
etag
"66749a2e-a316"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fbd8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
omar-sawaada.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/06/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/06/omar-sawaada.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92b4f1b72c9249ca6b63d9503af518fdc3ce88eb99b72951f5b48b1f9ad789e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
1023584
cf-polished
qual=85, origFmt=jpeg, origSize=15502
content-disposition
inline; filename="omar-sawaada.webp"
content-length
9674
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jun 2024 18:33:17 GMT
server
cloudflare
etag
"666b3b6d-3c8e"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fbe8fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ait-menna-1.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/06/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/06/ait-menna-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
470f047e2b3f4914c9449419ca7d5522d554c7b9731714fa7010d849d9d4ff56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
423194
cf-polished
qual=85, origFmt=jpeg, origSize=16585
content-disposition
inline; filename="ait-menna-1.webp"
content-length
10952
cf-bgj
imgq:85,h2pri
last-modified
Thu, 13 Jun 2024 18:29:00 GMT
server
cloudflare
etag
"666b3a6c-40c9"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fc08fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
wac-club.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/wac-club.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a817255e0061ce3ee81d3a44ddeba6f1ae3ff3d9bb88bc108612ee62f2b8b7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
55231
cf-polished
qual=85, origFmt=jpeg, origSize=98279
content-disposition
inline; filename="wac-club.webp"
content-length
58704
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Jun 2024 19:50:13 GMT
server
cloudflare
etag
"666212f5-17fe7"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fc28fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Mohamed-ben-masaoud.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/Mohamed-ben-masaoud.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6905e1554a48e1fb9a46092029130985b83545b83adce2b4692e6b360ecc962

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
49632
cf-polished
qual=85, origFmt=jpeg, origSize=243353
content-disposition
inline; filename="Mohamed-ben-masaoud.webp"
content-length
38856
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 22:15:03 GMT
server
cloudflare
etag
"6679efe7-3b699"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fc38fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Croatie-italie.jpg
i1.hespress.com/wp-content/uploads/2024/06/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/06/Croatie-italie.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0db271ec8484cf36e2d6f04fbcccad36c64392ef1feddd2b59f7e9da83d07b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
cf-cache-status
HIT
age
57082
cf-polished
qual=85, origFmt=jpeg, origSize=276243
content-disposition
inline; filename="Croatie-italie.webp"
content-length
36756
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 22:29:56 GMT
server
cloudflare
etag
"6679f364-43713"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
89951ccb6fc48fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.hespress.com/ 		111 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/?weather_and_prayer
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
1d5ca30d122875d15a5915547dc8a1c3db1941fb96201905bb4779763ec097fc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.hespress.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
x-nginx-cache
HIT DE
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.13
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
89951cce4c0f8fd6-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/ 		464 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f40e23ed3e42b0bfee05cb46d8ebc0982b6d05e2a4c7398bf9e8f680f5a0f4c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 10:21:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
9255
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147919
x-xss-protection
0
server
cafe
etag
11576365170569119095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 25 Jun 2025 10:21:17 GMT
js
www.googletagmanager.com/gtag/ 		301 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac68caee091f4e482e1db39da3c456fe846285889adc67a8999f2d60d69b7363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103765
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 25 Jun 2024 12:55:32 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Jun 2024 12:55:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58024
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
IyezzBpmQmxpAGQ7lUbXDYBmQewIXa0FAoo1Gmk8UU/M2uvNvuLdehMKvKaWDrrp9JfkpAC2ZJk3wqrIBup9gQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		607 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=842735641986067&correlator=1765527512593316&eid=95335606%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406180101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=1&didk=1711791774&sfv=1-0-40&sc=1&abxe=1&dt=1719320133151&lmt=1719320119&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&ga_vid=986772664.1719320133&ga_sid=1719320133&ga_hid=1140336936&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719320132009&idt=1000&adks=4098979368&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
05224015868afe41c9fda796bc98fa55f677fc9ad3675e98982d79bc8ebabf34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 620F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 12:55:33 GMT
expires
Tue, 25 Jun 2024 12:55:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		44 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=842735641986067&correlator=1765527512593316&eid=95335606%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406180101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=2&didk=2462911251&sfv=1-0-40&sc=1&abxe=1&dt=1719320133175&lmt=1719320119&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&ga_vid=986772664.1719320133&ga_sid=1719320133&ga_hid=1140336936&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719320132009&idt=1000&adks=337753859&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7f8a0455047e2a5a80e6cfaa5d26d138ed99095c62e6b69d2a9f55f83499ab89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11280
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		514 B
239 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=842735641986067&correlator=1765527512593316&eid=95335606%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406180101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=525783152&sfv=1-0-40&sc=1&abxe=1&dt=1719320133181&lmt=1719320119&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6946&msz=1x-1&fws=0&ohw=0&ga_vid=986772664.1719320133&ga_sid=1719320133&ga_hid=1140336936&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719320132009&idt=1000&adks=432670791&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
f1701b498b9b0798853299023363a335537dec4860616019ce9b00d9a8026d46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je46j0v869673765z878625843za200zb78625843&_p=1719320132177&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=986772664.1719320133&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719320133&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_ss=2&tfd=3716&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:55:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=986772664.1719320133&gtm=45je46j0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:55:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=986772664.1719320133&gtm=45je46j0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1195727721
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:55:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
447079109144639
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/447079109144639?v=2.9.158&r=stable&domain=www.hespress.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e00561aa22f06ab8b944d947232cd762ccaa38aefa2368f60f1293c1755019c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 25 Jun 2024 12:55:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14115
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=62, mss=1297, tbw=63564, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
mE2iOFLyUSERwPVj21XLx/YiZyyz0jreyCK2oi0y+SjN455A8kwj1IPGxaNuWzMB1b7JWecP6WhOrjwnP9wwEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1719320133470&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1719320133467.220824392886906612&cs_est=true&ler=empty&cdl=API_unavailable&it=1719320133351&coo=false&rqm=GET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 25 Jun 2024 12:55:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1719320133470&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1719320133467.220824392886906612&cs_est=true&ler=empty&cdl=API_unavailable&it=1719320133351&coo=false&rqm=FGET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x66b6a42edfeee4be","source_keys":["1","2"]},{"key_piece":"0x60bc9b65f6ab23c2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 25 Jun 2024 12:55:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7384423744519486551", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3086, tp=-1, tpl=-1, uplat=116, ullat=0
pragma
no-cache
x-fb-debug
mbZIl5HAS1jTuLz65pjsdcXtpk17WLkArQ30ddO7e8XXz7gsU/9A3MDWcr4sjLUIDKSbMRC/e8vRgi0aRK7PLA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7384423744519486551"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
07c8be2ec36ec4b45a6b215c39d63818bcddc4fc4b363d81d8305262f4baf763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53295
x-xss-protection
0
server
cafe
etag
3555000566791233999
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 25 Jun 2024 12:55:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
397627abb28e7c7be6331a53adeefc7ca9d18126944451bcb71c8a4324b03a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12645
x-xss-protection
0
rum
www.hespress.com/cdn-cgi/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.hespress.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89951cd3eb8c8fd6-FRA
favicon.ico
i1.hespress.com/wp-content/themes/hespressar/icons/ 		868 B
1003 B 		Other
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 11:19:45 GMT
server
cloudflare
age
8066443
etag
W/"5fa925d1-364"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
89951cd3fb998fd6-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012405231944000/ Frame 8EE6 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 14:22:15 GMT
age
513198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56221
x-xss-protection
0
server
sffe
etag
"4f8c718905502572"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Jun 2025 14:22:15 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8EE6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 14:22:15 GMT
age
513198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5215
x-xss-protection
0
server
sffe
etag
"520f632e10627ab5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Jun 2025 14:22:15 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8EE6 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 14:22:15 GMT
age
513198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29049
x-xss-protection
0
server
sffe
etag
"d2ee33e5ff8fd311"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Jun 2025 14:22:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8EE6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 14:22:15 GMT
age
513198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1909
x-xss-protection
0
server
sffe
etag
"bfb34e064e92ea30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Jun 2025 14:22:15 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8EE6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012405231944000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jun 2024 14:22:15 GMT
age
513198
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12965
x-xss-protection
0
server
sffe
etag
"35ded0b44597563f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 19 Jun 2025 14:22:15 GMT
truncated
/ Frame 8EE6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10e1fdacb43f9d6f7c70bca2d821479beb769767dce2d45368882a1fd8eaee88

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
10787603714176491342
tpc.googlesyndication.com/simgad/ Frame 8EE6 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10787603714176491342
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
260ecfe376a4c41e24c703b4ffd1c40bc38d4f23769e20385e6d1659ff53cd58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Wed, 25 Jun 2025 06:00:22 GMT
date
Tue, 25 Jun 2024 06:00:22 GMT
x-content-type-options
nosniff
age
24911
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35379
x-xss-protection
0
last-modified
Fri, 24 May 2024 06:00:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 8EE6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 15:02:11 GMT
x-content-type-options
nosniff
server
cafe
age
78802
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Tue, 25 Jun 2024 15:02:11 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 8EE6 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 11:41:12 GMT
x-content-type-options
nosniff
server
cafe
age
4461
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 26 Jun 2024 11:41:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jun 2024 12:55:33 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/ 		431 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
520603b66dfefd65715f658193223c3d4c1f703921a80e8e08f84d4e0601259a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148904
x-xss-protection
0
server
cafe
etag
14536203618198134601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Jun 2024 12:55:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
3963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 11:49:31 GMT
expires
Wed, 25 Jun 2025 11:49:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-9809098668305457
fundingchoicesmessages.google.com/i/ 		197 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?href=https%3A%2F%2Fwww.hespress.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38043081d4b1b854f4ce04a547e739d155d25f9215bf5b21ef98d110fce154a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fz9lmQcFPVZ0bBH3QE_Zag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-Fz9lmQcFPVZ0bBH3QE_Zag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EEt8fcmkAcRO6TNYg4DYp34GawwQt948xzoViD8_Psf6G4iT_p1nLQLiJREXWQ8lXmQ9-Pgi60kgFuLhOPbn1WY2gQ3dL68wKmkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBkZ6xmYxRcYAAAZ0DqR"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
adview
pagead2.googlesyndication.com/pagead/ Frame 8EE6 		0
0
AGSKWxUJx5k0qAMG2yGg4zv7gfHZw-QqIKze3yTmJK1_qXRY3d290xJcgm4UHmrlcLOk3F0-99JBPOK5-deeFpCHTPGJf1HpBuMeXwPtEKR1sscCnZjEsaJ4jA6-X9ObdJhw-UVwNLS8
fundingchoicesmessages.google.com/f/ 		438 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUJx5k0qAMG2yGg4zv7gfHZw-QqIKze3yTmJK1_qXRY3d290xJcgm4UHmrlcLOk3F0-99JBPOK5-deeFpCHTPGJf1HpBuMeXwPtEKR1sscCnZjEsaJ4jA6-X9ObdJhw-UVwNLS8?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5MzIwMTM0LDU5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyIsbnVsbCxbWzgsIlE5Q2NWT2RQUmpFIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsxOSwiMSJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMy4x_pq4jiqk9c5mZ-HoD2H-2-3NA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6efe1f0481eeed8bb28a4fa7bfe91c591a5bb436db0d1424c2bd1d6c90726b1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hO5N_7dOCfOnry8UUGI9Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:34 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hO5N_7dOCfOnry8UUGI9Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtHikmLw1pBiUAzbyXTe6Q7TdSCW-PqSSQOIndJnsAYBsU_9DNYYIG69eY51KhB_fnyO9TcQJ_07z1oExEsiLrIeSrzIevDxRdaTQCzEw3Hsz6vNbAIvfr-8yqSkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkYmBmZKxnYBZfYAAA2YU8bQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q9CcVOdPRjE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzjk_zm6kJ0SQhYd1cAPH3RMu_Pqg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jun 2024 12:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jun 2024 12:55:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jun 2024 12:55:35 GMT
uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 25 Jun 2024 12:55:35 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5847
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 26 Jun 2024 12:55:35 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options
nosniff
age
597712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:53:43 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:42:02 GMT
x-content-type-options
nosniff
age
598413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:42:02 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:53:43 GMT
x-content-type-options
nosniff
age
597712
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:53:43 GMT
AGSKWxWmTU1hVV_iARl6m_8SMdRfVAUNXMsP1cnEhQdGrjKnRgDWPfym3-oFznBdCI_VsnU6pHXkXFRiuKXfIZDyCUsuIcemgPUjhQBzgvg0pTx-YhX_89HvmpoxJniprsQ2ws-iDZOQ
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmTU1hVV_iARl6m_8SMdRfVAUNXMsP1cnEhQdGrjKnRgDWPfym3-oFznBdCI_VsnU6pHXkXFRiuKXfIZDyCUsuIcemgPUjhQBzgvg0pTx-YhX_89HvmpoxJniprsQ2ws-iDZOQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMy4x_pq4jiqk9c5mZ-HoD2H-2-3NA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UiTjEQLrWRHvh9_PeHmGHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jun 2024 12:55:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-UiTjEQLrWRHvh9_PeHmGHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzXH8z6vNbAIf7s_hVXJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBmZGxnoG5vEFBgBQdiv2"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWmTU1hVV_iARl6m_8SMdRfVAUNXMsP1cnEhQdGrjKnRgDWPfym3-oFznBdCI_VsnU6pHXkXFRiuKXfIZDyCUsuIcemgPUjhQBzgvg0pTx-YhX_89HvmpoxJniprsQ2ws-iDZOQ
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWmTU1hVV_iARl6m_8SMdRfVAUNXMsP1cnEhQdGrjKnRgDWPfym3-oFznBdCI_VsnU6pHXkXFRiuKXfIZDyCUsuIcemgPUjhQBzgvg0pTx-YhX_89HvmpoxJniprsQ2ws-iDZOQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Q9CcVOdPRjE.es5.O/am=MAw/d=1/rs=AJlcJMy4x_pq4jiqk9c5mZ-HoD2H-2-3NA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--y55dyfvt8jR8j0dCY38ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jun 2024 12:55:35 GMT
content-security-policy
script-src 'report-sample' 'nonce--y55dyfvt8jR8j0dCY38ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzXH8z6vNbAIdMx5yK7kk5RfGJ-fnlaTmlegmphTrgthFmUmlJflFKOzUMpCKnPz09My89HgjAyMTAzMjYz0D8_gCAwAzLCuP"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8EE6 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvS_2ZjBK3UxrJoNexeJodsJBh4mvaQq1mbkWxBUk7KT1dXCu4MiqRCtFviFEeVaNnGAkyU5BlaOyUHaAk2Yq93PPf56kD47hvVQ6UGhG67iM89QSvWTw28WTp6OcBZUnEFNyQcI0GzG2qA13cErIC7FpMuHtxeVHzf8JfemlI&sig=Cg0ArKJSzKbEOifJSfFSEAE&id=ampim&o=315,134&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=544&tls=1544&g=99.92499947547913&h=99.92499947547913&tt=1544&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=126.0.6478.126&uab=64&uafvl=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.126%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.126%22%7D%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:55:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je46j0v869673765za200zb78625843&_p=1719320132177&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=986772664.1719320133&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1719320133&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=ad_impression&ep.query_id=CPWMtc7m9oYDFY-2_QcdoAsI7Q&_et=496&tfd=9213&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 25 Jun 2024 12:55:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CvMa1Rb56ZrXWE4_t9u8PoJeg6A6ooL37d-zH5rrkEtvZHhABIKGb7TFglYKAgJQHoAHs2r7yAsgBA6kC_8oYZlj_sT7gAgCoAwHIAwiqBKYCT9DTq0ghcwCWzcJHmD3YjoaXFnFi4tFSxX_bEikbMkOtKjzl9-D7OEiC9iZqnoOU1RUY4pfJZsT6-0zVSOPuOOD62dWftgMPjpxAt2m2UDklriAUQWfCiljEkvT-sy8UTkIBN5mZkZr5FZUe53PyyD9wq2KY9DWBvN3WABIbPHqQzUA5rA0oR986t2Lhu7jC-k26T391_k9M8j1obmd0mTHBis7IgAyFy0t8RmdtcnIAF9I-6ABJ_6DlQfCQumTFAOstNVsUJ6NzeGYSAGwdOfVWiHj0u3Ed1BW-ZpqIpqr9YFsh1bIAANtgc-pWsl1uSZUfGhC3D6t9u2QTT6Lcst3ZL22kwyWMXYWza7PXfG8Bmo0zgH1NhDbjyQangXEnMY4BZYnDwASRh4jo6ATgBAGIBYWnibdPkgUECAQYAZIFBAgFGASgBgOAB_ykwY0BqAfZtrECqAfVyRuoB6a-G6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB_fCsQLYBwHyBwQQ-JwO0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WLCntM7m9oYDmgmJAWh0dHBzOi8vZW1lYS5pbmdyYW1taWNyby5jb20vZGUtZGUvaHAtdHJhZGUtaW4_dXRtX3NvdXJjZT1Hb29nbGVfQWRzJnV0bV9tZWRpdW09RGlzcGxheSZ1dG1fY2FtcGFpZ249MjRRM19ERV9IUF9UcmFkZS1JbiZ1dG1faWQ9QVpfRGlyZWN0gAoDyAsB4g0TCO3HtM7m9oYDFY-2_QcdoAsI7dgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi05ODA5MDk4NjY4MzA1NDU3GLSoHbIYCRICm18YAyIBAOgYAQ&sigh=zi2FPcT9j9A&uach_m=%5B%5D&ase=2&nis=6&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406180101&jk=842735641986067&bg=!gIOlg8zNAAb64txl2uI7ADQBe5WfOFY4YPguOQkTLwW0EDEpiySynss9JHvwpqXK4w4bZoPUfJC6luoQDWs6paOiijyYAgAAAEtSAAAAA2gBB34ANlUkcIKRksMhEbLD403-7rdjmF25AJRbUZjb6tnTJCfVg2snTr3Dry_Rvyc9O7Z9y-9ts2Bi9ZkCwko7bUIIV0PaYK-JxzpKvmH9tz6sirwDvkvnW9nQOYNBJw6-Ivtyzx89lnWQg9gVWUERLR21WKRNX4ka7BHxuU9K0E_V3yVNENT-ZIXXYfSt8NWIUquxIUhNSVFiKqhkpNFPguha6GlDNGDV7D_pXiRoXMdjsAldxYMoYCfn5vr4K-UAz0uPqkHFIUM_indh0KhJisPwySkV0NoL43u7hZ1y_q8mLF_7KP56wZOjijbBh8or1Q6Ys30a0Mz8D73nlC9l0FVyECen51NyezJv1ahrdYSDKo2xOKPDpHSa1DkGGjyU62DUTpvbq0rYqsxNyiEmYI3G7mH1qQy5jQYEd1VOiPL1SBUmKaDU8kU4HMDyHZH2_5R34t3xxSocOhmKxKpLJXyOP_Z1UiE8QCEUUCjWpy_FCMXdlW2iraY9ctv3Oa8-e0brW-gui2vNclTBAJ7ZmN3uytpQwr-9owJh6CF1Eru-haucGwZg4EPs9ltsoWFVAWVIdUpqXzD-BJseY9NiypDEUbrcSf_n9RdKTWi4gUcxHuT_x3Tx-id7YM2V6qSUrC88XnW1RJychymZNYUdJ1BzfcRnq605lXtDDvshxIa4msGpCCHxtIQoKB9ocVqiCJ-tkWm1npH35M3Qbgxdc4Jh-e6JUFHfnqhvzF13gtT4f14CimBR9T2vs9X7Uve3GfX0bp_X3aSxBbwa2OrMhQCe9qMTh9Fd2T99kgB9pVO0WEP5ebfDAGY5fZKruWRaQsrajP80EfNaxoo7n0KmHXqyocgv8PkHbTqdgRlrswb_dAY-UKCauFxXzt-hwdMxfXkvfCSp24NgyS70WjGyiSTfcWePGVm83CcXBFC5meBwkzsdnLLpTpk5s4pJmePagd2dn5n7DcKmQd9mAlw6nrbCwELH1Yqn7c0IMWvZ1gQ-eXhfSsP9XGuscxxUoS4

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage function| refreshAds object| googletag object| dataLayer object| TWAGORAINARTICLE object| firebase object| config function| downloadAdsenseAtOnload object| notificationApp string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| __cfBeacon object| ggeac object| google_tag_data object| google_js_reporting_queue function| iFrameResize object| ProjectAgora object| google_tag_manager function| fbq function| _fbq boolean| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| gaGlobal function| onYouTubeIframeAPIReady object| GoogleGcLKhOms number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjMwNTFjMGNmN2I5NGU4bG9hZGVyX2pz string| MjMwNTFjMGNmN2I5NGU4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

4 Cookies

Domain/Path Name / Value
.hespress.com/ Name: _ga
Value: GA1.1.986772664.1719320133
.hespress.com/ Name: _fbp
Value: fb.1.1719320133467.220824392886906612
.hespress.com/ Name: _ga_P97QV0GBGK
Value: GS1.1.1719320133.1.0.1719320133.60.0.0
.hespress.com/ Name: __eoi
Value: ID=c8b09bb264f7d8ed:T=1719320133:RT=1719320133:S=AA-AfjYaCWDZzZI0X8j3fqszFgy8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

almagharibiya.com.tqf.avw.temporary.site
cdn.ampproject.org
connect.facebook.net
f9df95841b079ef1fe0728837e814ac6.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
pagead2.googlesyndication.com
142.250.184.194
142.250.186.130
142.250.186.67
2001:4860:4802:32::36
216.58.212.142
2606:4700:3033::6815:5ea5
2606:4700:3037::6815:284d
2606:4700::6810:5049
2606:4700::6812:16c4
2606:4700::6812:17c4
2a00:1450:4001:801::2001
2a00:1450:4001:801::200e
2a00:1450:4001:806::2001
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2001
2a00:1450:4001:81c::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c07::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
50.6.160.41
0033814a3a70b538596068ea93395fca5ef438b32bde093f59362e19e11dbaf4
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
05224015868afe41c9fda796bc98fa55f677fc9ad3675e98982d79bc8ebabf34
07c8be2ec36ec4b45a6b215c39d63818bcddc4fc4b363d81d8305262f4baf763
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
10e1fdacb43f9d6f7c70bca2d821479beb769767dce2d45368882a1fd8eaee88
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
1d5ca30d122875d15a5915547dc8a1c3db1941fb96201905bb4779763ec097fc
1e60cdcfeed5b230df43b1d9d5ebeccb706091c25fb35b33c8c9303311e8fc8a
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
260ecfe376a4c41e24c703b4ffd1c40bc38d4f23769e20385e6d1659ff53cd58
2c483e36a3fb41215b3aa522f9bc323a112338e7cc1727df49b14318b5373366
349535014c42270b98f63386fe80cffd295e6ad4bd1c0ffdd237ff79ee6ca5c4
35c9092231d33275c688a67732dac9ea88e3e54b3b79a0c0434b1723f692869f
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
38043081d4b1b854f4ce04a547e739d155d25f9215bf5b21ef98d110fce154a5
397627abb28e7c7be6331a53adeefc7ca9d18126944451bcb71c8a4324b03a78
3b6e25632f3d376b0c494b805ef2c920da449fa9156b72c101fd1f76b51793e2
3b6e5ffb1f52a3cda0b3392331785d3d6b6929a70ae514b7de7cd615eff1b969
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
470f047e2b3f4914c9449419ca7d5522d554c7b9731714fa7010d849d9d4ff56
520603b66dfefd65715f658193223c3d4c1f703921a80e8e08f84d4e0601259a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da
5a6d358a8c9f0bb3a77644191f06e4f45098a3a87bfba16b1c4a707a33c6bb5b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d2932c7f8bda852da3c3b5cc5d8d8aea7c15c0bbeea969670bbfa9f849b8f8e
6e00561aa22f06ab8b944d947232cd762ccaa38aefa2368f60f1293c1755019c
70cd563322458bcd8eb0c45ffe72323df7c74b281cdbd01cc8b15de133b576a3
739cc02bc564ec689695536d0e454311b0702d2304bab32f5464324e55655c2c
794c03f68cb5ef31d7df5471450a41f9ecaea53df90eac5877d5eb175f3ec7e3
7ca9f006b0f12ad30234a601607139bd1d8d8fd76b40422c463e9097e4129ee4
7f8a0455047e2a5a80e6cfaa5d26d138ed99095c62e6b69d2a9f55f83499ab89
802099e5e26f93322f1150e4ed011d60fb125cc74b14a152767515d5947509e1
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
89a67b4d163298c0a3180787a90254d86590a96ff2a3a196eb4b27ff9628267d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
92b4f1b72c9249ca6b63d9503af518fdc3ce88eb99b72951f5b48b1f9ad789e9
9352a95f817b3486c683f299f6572485c83571488d18f20167ee640327e113cf
9edfd08b69f049801fff56a6b9eaa030b6a588d2961e9923f2ddcf08f8a82ac6
9f1eb5561fe1189304c558fb0db40ca330b2195ac8f59bf818995e648bb1f223
a0db271ec8484cf36e2d6f04fbcccad36c64392ef1feddd2b59f7e9da83d07b5
a6905e1554a48e1fb9a46092029130985b83545b83adce2b4692e6b360ecc962
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac68caee091f4e482e1db39da3c456fe846285889adc67a8999f2d60d69b7363
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
b04dc076cfc952b650c8b7a977dc32a052b3b7866424f9d692ee5326ab743eab
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
b7e5eb85a44b1625658678606ed5764110e5193dec9f9111d762c35ce18be955
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
c6efe1f0481eeed8bb28a4fa7bfe91c591a5bb436db0d1424c2bd1d6c90726b1
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
d08f6271b9e93bce360768d37b016b5381e60b7254d5ad7f2d2baa73ad30d452
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
df567b9a2c69061a85958773ba6f86633374b2abcb9f3b1600ff27b10cbe1e42
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a22966f8553cf803759c1a3d324a68339f11a9ce2aaefeff03f3f39c8fda3f
e95e5b1b7809bcd5b8b536a0a496dc7ce3cc2e6842097e5ed063b539d4917e12
ed3cc855d3f061fceecf031312c481dabb418ca5bfebf9c383d258e75b7ca511
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1701b498b9b0798853299023363a335537dec4860616019ce9b00d9a8026d46
f40e23ed3e42b0bfee05cb46d8ebc0982b6d05e2a4c7398bf9e8f680f5a0f4c1
f4a817255e0061ce3ee81d3a44ddeba6f1ae3ff3d9bb88bc108612ee62f2b8b7
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
fe5093b9715be664c2d990e74b78cf4e17fd43d326efe4edd57c0331ced16cb7