www.hespress.com Open in urlscan Pro
2606:4700::6812:17c4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hespress.com/
Submission: On November 05 via manual (November 5th 2024, 1:42:42 am UTC) from MA — Scanned from DE

Summary HTTP 74 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6812:17c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 563678.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700::68... 2606:4700::6812:17c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:284d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:8a15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
74	20

38 2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:284d (United States)

ASN13335 (CLOUDFLARENET, US)

pahter.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8a15 (United States)

ASN13335 (CLOUDFLARENET, US)

palibzh.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	hespress.com www.hespress.com — Cisco Umbrella Rank: 563678 i1.hespress.com — Cisco Umbrella Rank: 492909	2 MB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	263 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682	130 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	64 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	183 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	203 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	6 KB
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	palibzh.tech palibzh.tech — Cisco Umbrella Rank: 76904	117 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
1	pahter.tech pahter.tech — Cisco Umbrella Rank: 514612	3 KB
74	14

	Domain	Requested by
34	i1.hespress.com	www.hespress.com i1.hespress.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.hespress.com pagead2.googlesyndication.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	www.hespress.com	www.hespress.com i1.hespress.com static.cloudflareinsights.com
2	fonts.gstatic.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.facebook.com	www.hespress.com
2	region1.analytics.google.com	www.googletagmanager.com
2	427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	www.hespress.com connect.facebook.net
2	www.googletagmanager.com	www.hespress.com www.googletagmanager.com
2	www.gstatic.com	www.hespress.com
2	securepubads.g.doubleclick.net	www.hespress.com securepubads.g.doubleclick.net
1	lh3.googleusercontent.com
1	fonts.googleapis.com
1	www.google.de	www.hespress.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	palibzh.tech	pahter.tech
1	static.cloudflareinsights.com	www.hespress.com
1	pahter.tech	www.hespress.com
74	20

This site contains links to these domains. Also see Links.

Domain
fr.hespress.com
en.hespress.com
www.twitter.com
bit.ly
www.instagram.com
www.facebook.com
www.tiktok.com
www.linkedin.com
appgallery.huawei.com
apps.apple.com
play.google.com
jobs.hespress.com

Subject Issuer	Validity	Valid
hespress.com WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
pahter.tech WE1	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
palibzh.tech WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-14` - `2024-11-12`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.hespress.com/
Frame ID: 857EEE92584B4E8012554CC9C28EEE3C
Requests: 71 HTTP requests in this frame

Frame: https://427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 19D655F6ADCEC383A20700F42241316F
Requests: 1 HTTP requests in this frame

Frame: https://427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C55835DA00C0B18B9839F180E672AA3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 2C5313E0ADF46E6F4F7644C25C2A017F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

74
Requests

99 %
HTTPS

100 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

2788 kB
Transfer

6531 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://fr.hespress.com/?utm_source=hespress_ar&utm_medium=web

Search URL Search Domain Scan URL

URL: https://en.hespress.com/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Hespress/

Search URL Search Domain Scan URL

URL: https://bit.ly/2nSBfHS

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hespress/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Hespress/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hespress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hespress/

Search URL Search Domain Scan URL

URL: https://en.hespress.com/?utm_source=hespress_ar&utm_medium=web
Title: النسخة الإنجليزية

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C101425465

Search URL Search Domain Scan URL

URL: https://apps.apple.com/fr/app/hespress/id840082440

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.hespress.android

Search URL Search Domain Scan URL

URL: https://jobs.hespress.com/jobs/Careers
Title: وظائف شاغرة

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.hespress.com/ 272 KB
33 KB 365ms
51ms Document
text/html 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.13
Resource Hash: 91e62e946e359fe2aef4d82776bc7cf39ccef155e8709c22b7b9741f88c0cfc1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 31
cf-cache-status: HIT
cf-ray: 8dd925c5c8142c53-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 05 Nov 2024 01:42:30 GMT
last-modified: Tue, 05 Nov 2024 01:41:59 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
vary: Accept-Encoding
x-nginx-cache: HIT IT
x-powered-by: PHP/7.4.13

GET
H2 200 Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 34 KB
35 KB 336ms
47ms Font
application/font-woff 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
content-encoding: br
cf-cache-status: HIT
etag: W/"6567ba7a-89c8"
age: 275818
cf-ray: 8dd925c97cb41e54-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/font-woff
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 335ms
46ms Font
application/font-woff 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
content-encoding: br
cf-cache-status: HIT
etag: W/"6567ba7a-8bd4"
age: 20422750
cf-ray: 8dd925c97cb31e54-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/font-woff
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 363ms
75ms Font
application/font-woff 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
content-encoding: br
cf-cache-status: HIT
etag: W/"6567ba7a-8cc8"
age: 20418115
cf-ray: 8dd925c97cb51e54-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/font-woff
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 hespress.com.js Show response
pahter.tech/c/ 8 KB
3 KB 135ms
47ms Script
application/javascript 2606:4700:3037::6815:284d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pahter.tech/c/hespress.com.js
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:284d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "3f02c9d26139d05930116dc637a9e68e"
age: 6753
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UV%2BfN46QyeZmv7kBDeqOXLTpz8Xy7exZXuOzTi%2FW2Hg4d%2F2S0I6ZvlvJjodIx0xrtPAgbTmqFSKlKEwfPZJJIShdKbWv915U3LpryxzkcL6VRWn4s7poC0GtVq%2BKrXwHVE5pi5%2BXb6bQVw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=44631&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4123&recv_bytes=4199&delivery_rate=72063&cwnd=12000&unsent_bytes=0&cid=ffd0f22b95a61f80&ts=76&x=1", cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 12:06:52 GMT
vary: Accept-Encoding
x-amz-id-2: FoqdeLMJelUS/+UTgpwLPYXEk7TonXme9ipzc8yUUKaRFzUuMkjEbmrQuQkvU+8Kv9OoMm4RB7lmSn9Y83kBtg==
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 581RX61NB2W61RFK
cf-ray: 8dd925c84f8e0265-CDG
accept-ranges: bytes
content-length: 2289
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/ 401 KB
59 KB 110ms
85ms Stylesheet
text/css 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
content-encoding: br
cf-bgj: minify
etag: W/"667f457e-64a48"
age: 11152755
cf-cache-status: HIT
cf-ray: 8dd925c7d8c42c53-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=412232
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: text/css
last-modified: Fri, 28 Jun 2024 23:21:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
33 KB 206ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80c0678694e0c003ff361d1a354b21db207c84d65bab43dd57e4520d7e3a24c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
etag: 130 / 20032 / 31088603 / config-hash: 10257544082128673461
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 01:42:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33943
x-xss-protection: 0
server: cafe

GET
H2 200 trump-harris.jpg
i1.hespress.com/wp-content/uploads/2024/09/ 31 KB
32 KB 86ms
61ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/09/trump-harris.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 998e20a9bf29ab4f58548af74db1fe43c62d7873b7f8e9e62875753ed65ab923

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66e1be8f-1129c"
age: 183755
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=70300
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: image/webp
content-disposition: inline; filename="trump-harris.webp"
vary: Accept
last-modified: Wed, 11 Sep 2024 16:00:15 GMT
cache-control: max-age=315360000
cf-ray: 8dd925c7d8c52c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 32216
server: cloudflare

GET
H2 200 10-eme-anniversaire-musee-Mohammed-VI-d-art-moderne-et-contemporain.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 80 KB
81 KB 86ms
61ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/10-eme-anniversaire-musee-Mohammed-VI-d-art-moderne-et-contemporain.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1d9b87882287aecd6d58fa685f7e0844e35831cdf45d44d3ac0f66740ba98be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67293d4a-195c1"
age: 6022
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: degrade=85, origSize=103873, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: image/jpeg
last-modified: Mon, 04 Nov 2024 21:31:54 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925c7d8c62c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 82360
server: cloudflare

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.2.0/ 20 KB
6 KB 112ms
27ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
age: 563003
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 13:19:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 13:19:07 GMT
last-modified: Fri, 11 Dec 2020 17:24:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6546
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.2.0/ 40 KB
11 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
age: 469043
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:25:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:25:07 GMT
last-modified: Fri, 11 Dec 2020 17:24:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10840
x-xss-protection: 0
server: sffe

GET
H2 200 script.min.js Show response
i1.hespress.com/wp-content/themes/hespressar/js/ 210 KB
68 KB 57ms
57ms Script
application/javascript 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
content-encoding: br
cf-cache-status: HIT
etag: W/"667f457e-34973"
age: 3009321
cf-ray: 8dd925c889072c53-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/javascript
last-modified: Fri, 28 Jun 2024 23:21:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 194ms
43ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://www.hespress.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8dd925c99f52dbf3-FRA
access-control-allow-origin: *
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 209ms
52ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e8fa43bd30f38c6bb7e30c1c5b39ad65c7120d499710c177310d2cc78be2eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 05 Nov 2024 01:42:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 05 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 77298
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sprite.svg
www.hespress.com/wp-content/themes/hespressar/ 215 KB
57 KB 74ms
73ms Other
image/svg+xml 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: public, max-age=300
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6626d023-35dcc"
age: 270
cf-ray: 8dd925c8a9122c53-FRA
expires: Tue, 05 Nov 2024 01:47:30 GMT
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 21:01:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 projectagora.min.js Show response
palibzh.tech/libs/ 423 KB
117 KB 189ms
54ms Script
application/javascript 2606:4700:3037::ac43:8a15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://palibzh.tech/libs/projectagora.min.js
Requested by: Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4a5087b40606dda226f932518ab9c926f9f61d3f7628f4e0dfa4c743e7416af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
x-amz-meta-version: 3.45.0
etag: "308f438e53adcabf9652e7142d95c979"
age: 6069
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rv%2FjVd%2F%2FjeV9Ng3bdN%2B7e9O2ZpEwKgGooCp0Zry0iCWfEo%2B1acIhMgNp%2BG67kSCjKrNZV5mYDuzoj31u%2BxGYWiPYnfy7mMjJxncGNZltKs%2BAr1JsKABkB%2FnyW5LDLWZaXyIwIrsxC0itFBc%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=35838&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4202&recv_bytes=4230&delivery_rate=90298&cwnd=12000&unsent_bytes=0&cid=d2053ef399cd60ae&ts=125&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 09:59:28 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-amz-id-2: UaqrH1A3bqmzkstYpb5UUkDbxWxAYzy9qRMIz1EFqNxHOVWONrE7UcsLcU7DR7UX8O0iycfbzGA=
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HN0A2MRW5W4HDA97
cf-ray: 8dd925c999efdb0b-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 119329
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 sprite.svg
i1.hespress.com/wp-content/themes/hespressar/ 215 KB
53 KB 58ms
47ms Image
image/svg+xml 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cache-control: public, max-age=300
content-encoding: br
cf-cache-status: HIT
etag: W/"6626d023-35dcc"
age: 122
cf-ray: 8dd925c9b95d2c53-FRA
expires: Tue, 05 Nov 2024 01:47:30 GMT
access-control-allow-origin: *
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: image/svg+xml
last-modified: Mon, 22 Apr 2024 21:01:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 shows-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/ 41 KB
42 KB 53ms
47ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/themes/hespress/img/shows-bg.jpg
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cf-bgj: imgq:85,h2pri
etag: "64527706-1eaea"
age: 593226
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=125674
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: image/webp
content-disposition: inline; filename="shows-bg.webp"
vary: Accept
last-modified: Wed, 03 May 2023 15:00:22 GMT
cache-control: max-age=315360000
cf-ray: 8dd925c9c9612c53-FRA
accept-ranges: bytes
content-length: 42292
server: cloudflare

GET
H2 200 placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/ 3 KB
3 KB 52ms
46ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cf-bgj: imgq:85,h2pri
etag: "5fb06004-1177"
age: 434868
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origFmt=png, origSize=4471
date: Tue, 05 Nov 2024 01:42:30 GMT
content-type: image/webp
content-disposition: inline; filename="placeholder.webp"
vary: Accept
last-modified: Sat, 14 Nov 2020 22:53:56 GMT
cache-control: max-age=315360000
cf-ray: 8dd925c9c9622c53-FRA
accept-ranges: bytes
content-length: 3412
server: cloudflare

GET
H2 200 weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/ 53 KB
53 KB 102ms
33ms Font
application/x-font-otf 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cache-control: max-age=315360000
cf-cache-status: HIT
etag: "5fcf1c3f-d360"
age: 581088
cf-ray: 8dd925cbbdda1e54-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54112
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: application/x-font-otf
last-modified: Tue, 08 Dec 2020 06:25:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 web-copy.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 92 KB
92 KB 141ms
27ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/web-copy.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43be7581bfede95e75e5244fa257e1bdf7ed771a7734958d9f360119716a0cca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67269c3d-1b80d"
age: 189661
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: degrade=85, origSize=112653, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Sat, 02 Nov 2024 21:40:13 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925cbb9ec2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 93929
server: cloudflare

GET
H2 200 800-533-copy.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 80 KB
81 KB 150ms
36ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/800-533-copy.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618dc43349271787c58d08d5ce90dfb014dc7e3dbe1c597643e38ae520eb46e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67254743-1d43d"
age: 257806
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=119869
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="800-533-copy.webp"
vary: Accept
last-modified: Fri, 01 Nov 2024 21:25:23 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbb9ef2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 82340
server: cloudflare

GET
H2 200 bidon.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 84 KB
84 KB 175ms
62ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/bidon.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ede382e0fdc101daa736b5b22e7c845336c6a71915f215945f3bee431a1a892

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67251990-15ec9"
age: 279578
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=89801, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Fri, 01 Nov 2024 18:10:24 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f02c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 85959
server: cloudflare

GET
H2 200 Bidoun-3onwan.jpg
i1.hespress.com/wp-content/uploads/2024/10/ 44 KB
44 KB 151ms
38ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/10/Bidoun-3onwan.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0293f3f4703e1882f9160088a030f470cba52351b8cd89a72588f1c5baafca4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "6722a67a-d6a2"
age: 258635
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=54946
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="Bidoun-3onwan.webp"
vary: Accept
last-modified: Wed, 30 Oct 2024 21:34:50 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f12c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 45102
server: cloudflare

GET
H2 200 9issa_site.webp
i1.hespress.com/wp-content/uploads/2024/10/ 26 KB
26 KB 137ms
33ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/10/9issa_site.webp
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ebbaad4c678f1531d88609ded534a59ed80ae56fa6a4a0d08d68aa09d49d479

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
cf-cache-status: HIT
etag: "6721692f-66dc"
age: 535190
cf-ray: 8dd925cbb9f32c53-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 26332
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
last-modified: Tue, 29 Oct 2024 23:01:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 trottinette.jpg
i1.hespress.com/wp-content/uploads/2024/10/ 54 KB
54 KB 166ms
63ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/10/trottinette.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aaec5d9db911222c578ba3630b1f96bcb20cc1dda18e8ea901fa40b32fd62d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "671ac1ca-df2d"
age: 434384
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=57133
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="trottinette.webp"
vary: Accept
last-modified: Thu, 24 Oct 2024 21:53:14 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f42c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 54944
server: cloudflare

GET
H2 200 virus-1.jpg
i1.hespress.com/wp-content/uploads/2024/10/ 43 KB
44 KB 128ms
25ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/10/virus-1.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbacb1148ec67291d8b8dab3af934109399ec22a0cb7b6bf32314197da8e7df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "671980fb-ff4b"
age: 433362
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=65355
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="virus-1.webp"
vary: Accept
last-modified: Wed, 23 Oct 2024 23:04:27 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f62c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 44478
server: cloudflare

GET
H2 200 Dos_d_ane-.jpg
i1.hespress.com/wp-content/uploads/2024/10/ 78 KB
79 KB 130ms
30ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/10/Dos_d_ane-.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebcaed34a3be251346bb633650b2c37471787ae9e6759eebd0f09197b02080d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "6716b4d3-185b3"
age: 258246
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=99763
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="Dos_d_ane-.webp"
vary: Accept
last-modified: Mon, 21 Oct 2024 20:08:51 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f72c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 80086
server: cloudflare

GET
H2 200 RNI.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 40 KB
40 KB 126ms
39ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/RNI.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae8076f942aca86276a83d09bac87e8b5c200151af7fb47b919185a8d3c94de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67296f12-a283"
age: 7612
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=41603, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 01:04:18 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f82c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 40541
server: cloudflare

GET
H2 200 bouaida.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 79 KB
79 KB 149ms
62ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/bouaida.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1945d6fe02689b8e1e883e8a07295f857cfa83ef835dd9852049ecc8fcc59f1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67296a94-1416d"
age: 9970
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=82285, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 00:45:08 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925cbb9f92c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 80561
server: cloudflare

GET
H2 200 azize.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 49 KB
49 KB 180ms
93ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/azize.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1176475514d28142f8c9f0464451ffab359fb919c81c1ea53dcec39e81f2ce95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67296867-c50e"
age: 11108
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=50446, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Tue, 05 Nov 2024 00:35:51 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925cbea082c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 49756
server: cloudflare

GET
H2 200 med-v.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 50 KB
51 KB 150ms
63ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/med-v.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 851e211a09e3c49cfe54a6f8f8ba5d0fc730d7320aa92b5730f1f77ef13f540e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67294991-cdb1"
age: 11747
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: origSize=52657, status=webp_bigger
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Mon, 04 Nov 2024 22:24:17 GMT
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 8dd925cbea092c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 51479
server: cloudflare

GET
H2 200 Tantan.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 62 KB
62 KB 152ms
66ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/Tantan.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ce9f30bc81bc03b35918ce16b4f671b1c90b718c8ed3abf70520970b41ca372

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67292acd-169fe"
age: 24340
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=92670
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="Tantan.webp"
vary: Accept
last-modified: Mon, 04 Nov 2024 20:13:01 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea0a2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 63506
server: cloudflare

GET
H2 200 TGV-ONCF.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 55 KB
56 KB 151ms
65ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/TGV-ONCF.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c89dd2faf7dfc52c77322200e9762c0fed4e6df445ffdb27faa50e380dd5eab6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67291cfc-14433"
age: 30167
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=82995
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="TGV-ONCF.webp"
vary: Accept
last-modified: Mon, 04 Nov 2024 19:14:04 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea0b2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 56692
server: cloudflare

GET
H2 200 Akhennouche.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 40 KB
40 KB 150ms
64ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/Akhennouche.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57bdb7b0f440d8640bcb3551522240413b3b3de6b8043a393233f285bc571d61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67291085-103ba"
age: 33197
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=66490
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="Akhennouche.webp"
vary: Accept
last-modified: Mon, 04 Nov 2024 18:20:53 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea0c2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 41184
server: cloudflare

GET
H2 200 Anouyeb.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 33 KB
34 KB 177ms
92ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/Anouyeb.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b531d9f140a1e22292f3f6055799f848ddca923ec57760536f8f4a57f81156

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "672901e4-f6f4"
age: 35979
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=63220
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="Anouyeb.webp"
vary: Accept
last-modified: Mon, 04 Nov 2024 17:18:28 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea0e2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 34188
server: cloudflare

GET
H2 200 web_fr.jpg
i1.hespress.com/wp-content/uploads/2024/10/ 40 KB
41 KB 177ms
92ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/10/web_fr.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7142d1ed0216d3eada5477e957cb43ed62e811168a584fd059367f999a829ab2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "67200d63-43cfa"
age: 623103
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=277754
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="web_fr.webp"
vary: Accept
last-modified: Mon, 28 Oct 2024 22:17:07 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea0f2c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 41370
server: cloudflare

GET
H2 200 lehna.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/10/ 12 KB
12 KB 161ms
90ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/resize/200/2024/10/lehna.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fed368df244438767894bba29f3f1af7c345c189cb6016472ce79b2ee9969d82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: W/"6702c41c-5616"
age: 2541874
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=12115
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="lehna.webp"
vary: Accept
last-modified: Sun, 06 Oct 2024 17:08:44 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea102c53-FRA
accept-ranges: bytes
content-length: 11792
server: cloudflare

GET
H2 200 chakib-laalej.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/10/ 12 KB
12 KB 160ms
91ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/resize/200/2024/10/chakib-laalej.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6547196503449378d3607bcf1e1431759b7b2c69edff23519640e0a8b1e557a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
cf-bgj: imgq:85,h2pri
etag: W/"6702c564-55d1"
age: 2541874
cf-cache-status: HIT
cf-ray: 8dd925cbea112c53-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
cf-polished: degrade=85, origSize=12317, status=webp_bigger
content-length: 12138
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/jpeg
last-modified: Sun, 06 Oct 2024 17:14:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 olympiakos-ayoub-kaabi.jpg
i1.hespress.com/wp-content/uploads/2024/05/ 96 KB
96 KB 131ms
63ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/05/olympiakos-ayoub-kaabi.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f29874efe01861ef21e0dd9c54618e68ba029f23b51f6663c0742088934cc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "66586bb7-27823"
age: 33429
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=161827
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="olympiakos-ayoub-kaabi.webp"
vary: Accept
last-modified: Thu, 30 May 2024 12:06:15 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea122c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 97918
server: cloudflare

GET
H2 200 adil-bakili.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 28 KB
28 KB 160ms
92ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/adil-bakili.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a21a8a3cbcf941a9579fb874186fd6fa82b932091d4a5ba3c05328e344e0c6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "6728e57f-10184"
age: 40781
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=65924
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="adil-bakili.webp"
vary: Accept
last-modified: Mon, 04 Nov 2024 15:17:19 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea142c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 28434
server: cloudflare

GET
H2 200 abdelkader-hajjar.jpg
i1.hespress.com/wp-content/uploads/2024/11/ 28 KB
28 KB 158ms
91ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/11/abdelkader-hajjar.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22d605eb25488efad4861e751cdb59639e44b944f7935d06bebb702b68ab73a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "6728ca3d-f8de"
age: 48729
cf-cache-status: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=63710
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: image/webp
content-disposition: inline; filename="abdelkader-hajjar.webp"
vary: Accept
last-modified: Mon, 04 Nov 2024 13:21:01 GMT
cache-control: max-age=315360000
cf-ray: 8dd925cbea152c53-FRA
accept-ranges: bytes
access-control-allow-origin: *.hespress.com
content-length: 28774
server: cloudflare

GET
H2 200 / Show response
www.hespress.com/ 111 KB
8 KB 233ms
233ms XHR
text/html 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hespress.com/?weather_and_prayer
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.13
Resource Hash: 481517a6d562860a2a36fde226bf80f8c260a148a61bde9661706df49f10c379

Request headers

Referer: https://www.hespress.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: */*

Response headers

x-nginx-cache: HIT DE
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8dd925ce8af12c53-FRA
access-control-allow-origin: *
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.13
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/ 483 KB
150 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d630051aa81b7895bed44adcca3d35bbf6c0aa68eb99446712e43cf0d34386d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
etag: 16074489216520974051
age: 80375
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 03:22:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Mon, 04 Nov 2024 03:22:56 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153218
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 389 KB
127 KB 114ms
105ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e67ad20daf483159bbdb5e7b41f2d43ff286d771ae1263efc0e70be1fef4268a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 05 Nov 2024 01:42:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129415
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 184ms
29ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-D6UI4740' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 01:42:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-D6UI4740' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=51, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: QOYRZo6mPCSiuTzkG8JT2mmtGRDHFfCJeUTtUva0omVThHqjhvv8cYtRTKghgt4Sztx5NA5GFx+jXBHdK1ntRA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 595 B
308 B 255ms
173ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1068724369603985&correlator=767641209494933&eid=31088368%2C31088369%2C31088371%2C31088603%2C83320950%2C31086810&output=ldjh&gdfp_req=1&vrg=202410290101&ptt=17&impl=fif&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=525783152&sfv=1-0-40&sc=1&lrm=400&abxe=1&dt=1730770952057&lmt=1730770919&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6938&msz=1x-1&fws=0&ohw=0&td=1&egid=24510&tan=2ba6c6e0-df36-4e15-8e4b-dfc918bb151c&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730770950091&idt=1741&adks=432670791&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c78172d05c21a344ca9f3cc38987b045595d1b6b9095e73282dfdeb138bef04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 01:42:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.hespress.com
content-length: 279
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 19D6 0
0 153ms
41ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 01:42:32 GMT
expires: Tue, 05 Nov 2024 01:42:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 526 B
248 B 902ms
894ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1068724369603985&correlator=767641209494933&eid=31088368%2C31088369%2C31088371%2C31088603%2C83320950%2C31086810&output=ldjh&gdfp_req=1&vrg=202410290101&ptt=17&impl=fif&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=2&didk=1711791774&sfv=1-0-40&sc=1&lrm=400&abxe=1&dt=1730770952123&lmt=1730770919&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&td=1&egid=24510&tan=2ba6c6e0-df36-4e15-8e4b-dfc918bb151e&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730770950091&idt=1741&adks=4098979368&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1281703223602cd4c35ff6fd0bf706ca692ce4f0e18c611b55ccf394eef98e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
google-lineitem-id: -2
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 01:42:33 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -2
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.hespress.com
content-length: 219
x-xss-protection: 0
server: cafe

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 154 KB
46 KB 711ms
703ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1068724369603985&correlator=767641209494933&eid=31088368%2C31088369%2C31088371%2C31088603%2C83320950%2C31086810&output=ldjh&gdfp_req=1&vrg=202410290101&ptt=17&impl=fif&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=3&didk=2462911251&sfv=1-0-40&sc=1&lrm=400&abxe=1&dt=1730770952129&lmt=1730770919&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&td=1&egid=24510&tan=2ba6c6e0-df36-4e15-8e4b-dfc918bb151d&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1730770950091&idt=1741&adks=337753859&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b43dc46bbaf6c2459ede5ae914a610af3cb04bde131fe7f49e159b0c37d3f19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
google-lineitem-id: -1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 01:42:32 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.hespress.com
content-length: 47218
x-xss-protection: 0
server: cafe

GET
H3 200 447079109144639 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 35ms
34ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/447079109144639?v=2.9.176&r=stable&domain=www.hespress.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c8873830270fef6310b3fb21c3170f62c88eaef2b90861f8aee779736be16b7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-migD9CeK' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 01:42:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-migD9CeK' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=70, mss=1232, tbw=70282, tp=65, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: XNYYfP6ZjKZ9++/DHH8dnPG/JGLbKdKNCddu4jpAo9/QaoBYO1XX3n44URPeLk+MuuW+JfWASZNQEWe5RDNSfg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 15190
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 622ms
33ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je4au0v869673765z878625843za200zb78625843&_p=1730770950490&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1109394584.1730770952&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730770952&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2557
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.hespress.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:32 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 623ms
34ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=1109394584.1730770952&gtm=45je4au0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.hespress.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:32 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 558ms
43ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=1109394584.1730770952&gtm=45je4au0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101823848~101878899~101878944~101925629&tag_exp=101823848~101878899~101878944~101925629&z=2078499652

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 05 Nov 2024 01:42:32 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 576ms
28ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1730770952314&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1730770952305.684949977434974815&cs_est=true&ler=empty&cdl=API_unavailable&it=1730770952187&coo=false&rqm=GET

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=10, mss=1328, tbw=2938, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 05 Nov 2024 01:42:32 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 743ms
199ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1730770952314&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1730770952305.684949977434974815&cs_est=true&ler=empty&cdl=API_unavailable&it=1730770952187&coo=false&rqm=FGET

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433604636120984574"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 05 Nov 2024 01:42:33 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 6tphC4lKYkvKrPesgLlizDMZTG20jESTliRROoI+zJFTEEQ+KC7iUtGPL62hoaVf9N8czpDkJNZDGIPGmczsPw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433604636120984574", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=12, mss=1328, tbw=3256, tp=-1, tpl=-1, uplat=174, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 container.html
427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C55 0
0 0ms
0ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 01:42:32 GMT
expires: Tue, 05 Nov 2024 01:42:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
53 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9555be4cb069402c21aea3798bd3e1303b1fdc003162802dcaedc9c0bccb9133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
etag: 16356002488918195242
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 01:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 01:42:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53738
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 44ms
43ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45de64d69b4192f93d42807c2e9c8fe677dfe693cc803feb219aa3a2942399fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12902
date: Tue, 05 Nov 2024 01:42:33 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 204 rum Show response
www.hespress.com/cdn-cgi/ 0
207 B 38ms
36ms XHR
text/plain 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hespress.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://www.hespress.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8dd925db8f272c53-FRA
access-control-allow-origin: https://www.hespress.com
date: Tue, 05 Nov 2024 01:42:33 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 favicon.ico
i1.hespress.com/wp-content/themes/hespressar/icons/ 868 B
1010 B 50ms
49ms Other
image/x-icon 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/icons/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: max-age=315360000
content-encoding: br
cf-cache-status: HIT
etag: W/"5fa925d1-364"
age: 19517263
cf-ray: 8dd925db9f382c53-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Tue, 05 Nov 2024 01:42:33 GMT
content-type: image/x-icon
last-modified: Mon, 09 Nov 2020 11:19:45 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 153ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410290101/pubads_impl.js?cb=31088603

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 01:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/ 435 KB
145 KB 77ms
71ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f731fda6321bd23e46944309c824c0919bb9cc009e15de7be70be4d1f1ae43d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: br
etag: 3844554474759044913
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 01:42:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 05 Nov 2024 01:42:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 148079
x-xss-protection: 0
server: cafe

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 2C53 0
0 81ms
62ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Nov 2024 01:07:21 GMT
expires: Tue, 05 Nov 2024 01:57:21 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-9809098668305457 Show response
fundingchoicesmessages.google.com/i/ 196 KB
65 KB 307ms
58ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?href=https%3A%2F%2Fwww.hespress.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe04e40433927fcb1f0911aedc980fd1cb89c1e04facaa21b43b31d405d0d7d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RrV-Jx6WnJ14JgCzLl6v_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BiOHnrNtNFIJb4-pJJC4id0mewhgBx681zrNOBOOnfedYSIHbXusjqD8SGCpdYnYHYsegSqycQq_ZcYjUH4vvrLrE-B-IiiSusLUB8u-kK62MgZvh6hZUDiIV4OLo-LN3JJjBhx9JGRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTQwNjAz0Dg_gCAwCbtESq"
content-security-policy: script-src 'report-sample' 'nonce-RrV-Jx6WnJ14JgCzLl6v_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXrYJrsuUOQ_dMCxS-tmXQmtie3smXRFChlngxTDm4YuX7JfnKLKyZQ3HWqUAfUUO-zUqa69O9thPqy7O27ZG0z59I1pqxAqZ3RhJEsGiCyYVGnHSocVJDBl6tIhi7lzTU1_3rw Show response
fundingchoicesmessages.google.com/f/ 458 KB
65 KB 92ms
90ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXrYJrsuUOQ_dMCxS-tmXQmtie3smXRFChlngxTDm4YuX7JfnKLKyZQ3HWqUAfUUO-zUqa69O9thPqy7O27ZG0z59I1pqxAqZ3RhJEsGiCyYVGnHSocVJDBl6tIhi7lzTU1_3rw?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMwNzcwOTU0LDQxMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyIsbnVsbCxbWzgsIllzZ09PY3R1a3JJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YsgOOctukrI.es5.O/am=DAY/d=1/rs=AJlcJMyO9FXQaj3ay2zcf2hEtVYN0PGvtQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c7bae8b381d24c38a4bb3f33554c2e07111ee0f234b335b6c6a0dd9217d37e8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2YcAQ6quGBUCtnlgFnZ9qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkLiJ3SZ7CGAHHrzXOs04E46d951hIgdte6yOoPxIYKl1idgdix6BKrJxCr9lxiNQfi--susT4H4iKJK6wtQHy76QrrYyBm-HqFlQOIhXg4uj4s3ckmcGPV3ueMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGBsYGegYG8QUGAJYTQFE"
content-security-policy: script-src 'report-sample' 'nonce-2YcAQ6quGBUCtnlgFnZ9qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 114 KB
6 KB 103ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YsgOOctukrI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzKKCJ_eirEoHg0x_kw-rb21LJjzw/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3379b46641b48791c136b410e325c4e10f1b08be254fec82c726ec26089f6467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 01:42:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 05 Nov 2024 01:42:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/ 6 KB
6 KB 123ms
38ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 4141
x-content-type-options: nosniff
expires: Wed, 06 Nov 2024 00:33:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 00:33:33 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5847
x-xss-protection: 0
server: fife

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 71ms
35ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://www.hespress.com/

Response headers

age: 13391
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 73ms
73ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.hespress.com
Referer: https://www.hespress.com/

Response headers

age: 13391
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H3 204 AGSKWxU0GmO8ky6d5-rzf_9yIzz1c4G2y93Xdjci0C8npW2oTxunYCqTGS-DdG3D4rZIPyr31m8f5ge77i6fDU_0v-1o8lVBxa-UWJCWTnaMk1zTr7-ebiUA5-LJxStz8OZF_MEMLOzE Show response
fundingchoicesmessages.google.com/el/ 0
28 B 82ms
41ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0GmO8ky6d5-rzf_9yIzz1c4G2y93Xdjci0C8npW2oTxunYCqTGS-DdG3D4rZIPyr31m8f5ge77i6fDU_0v-1o8lVBxa-UWJCWTnaMk1zTr7-ebiUA5-LJxStz8OZF_MEMLOzE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PNmafpTu082VhBwac-94TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.hespress.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHo-rB0J5vAhP4Pa5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYmhgbGhnoF5fIEBADC0KMg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PNmafpTu082VhBwac-94TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.hespress.com
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxU0GmO8ky6d5-rzf_9yIzz1c4G2y93Xdjci0C8npW2oTxunYCqTGS-DdG3D4rZIPyr31m8f5ge77i6fDU_0v-1o8lVBxa-UWJCWTnaMk1zTr7-ebiUA5-LJxStz8OZF_MEMLOzE Show response
fundingchoicesmessages.google.com/el/ 0
28 B 112ms
72ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0GmO8ky6d5-rzf_9yIzz1c4G2y93Xdjci0C8npW2oTxunYCqTGS-DdG3D4rZIPyr31m8f5ge77i6fDU_0v-1o8lVBxa-UWJCWTnaMk1zTr7-ebiUA5-LJxStz8OZF_MEMLOzE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cAgzrdHombQhzcDZVOuUIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.hespress.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:34 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0pBicEqfwRoCxO5aF1n9gZjh6xVWDiAW4uHo-rB0J5vAjWdT9zEruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDA2NDPQPz-AIDAE3_KSc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-cAgzrdHombQhzcDZVOuUIw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://www.hespress.com
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 37ms
36ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je4au0v869673765za200zb78625843&_p=1730770950490&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=1109394584.1730770952&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1730770952&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=ad_impression&ep.query_id=CJuDtZ6IxIkDFb3uuwgd8PQVkg&_et=780&tfd=8343
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.hespress.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.hespress.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 05 Nov 2024 01:42:38 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410290101&jk=1068724369603985&bg=!bm2lbSLNAAbaVSD0-lU7ADQBe5WfOIpBgc7MjV4vfubMjtn3EIWOR-yS6QKpPz1GVGSFHVUbnm0V5d8gS0-eW3vfpU-PAgAAAZVSAAAAA2gBB34ANpFyLwLsUa-OdrWB7VMdcliCE5DknQ3NwQ88aI3Bhi6k5cX5j-9on4fOx59f_IjUKEy3hPQmsgoAeuQaRFZiwqhoa12MoLocOXqORGOfiEqfM2qjygFwoH4Ran2OFpPBofjNwmJF-KhqMoEtpB2kqpTTWEkI4Fw_xGX-M3p1NRF4bWVA7Ez7OyRlA1qcuIM16u-7XkgrYon1AnOlutDgtbYFb2xa1mpO8Z51n4eAQbKjXeTAmQKO_NyMlG-SWTvR_msSnVrh062LFAzs0ziFSDOXK7ljl5lkuBtLzTYUec6y9-MzOLc-M0C5nAYOMDqstkW7zyn9slIq9Lm-arAsk813PSypcSwHgJwG-L5GDxdsYDdTGvLm8RP-8yZwN1KAmZPXULoEpjhW5dr_U46NaIEVYi7zDze8G1ZXx3P4dYII3byovsJTr94IaYxg9m5Fzs3OANPg0fE0CV3iqd01aEWz6CsjyaIfh61678rP5kFbLpQb0S2RC40fJA1-JO_u3WNBsQtA7rYmamxUliytQ-yTD0sbuzsGCJcm6wtek7mHgJLBjqzOVW_R5Pz0ZHAh-ARUxWfwOEFJzhZ3uagpBopdmUfPq5sYD6LE_R4U92NWU3lleCrGRljiAYHqaS-8qjHsh-9w5VivCW3lEstVQz98CCwKWee1ycnGeW3KqqeBPdxu_vMjwM3wRHy1jRkmMtIQ7Eo69b2fMvmDt2seBNsJwwsOM5esLQqdGzk2sfTat18yJcLxTwPovxf1BFtIkFlnw1Lr3I-gMom4g9rR3xlZ_eYmwc5EpQWDNjbDCYgTRKeuYYWdli19CiSPVgYChbCFkOZJrst6Sj4YNzM7SZ588677P0A2PJF0xAvQzREwoQYx6uRmOIn_hPHYNFOEKyf9J5IUWxSuWxGykat0r2emk8zHUo2K6nG4V4GW_emdOwOfkmAGH8KlgeVUdhnb68Q4I2AR3s1iQ6nljkpZOurQfD5K7RYgUcP711OIrJzSlAgvG9PyfHYLqWF-n1fRbU6FGuRnuAtuQcQL17AIr4hJq6XIy5AaeGU2crrId2WdNDHYBwcnCTKhtgGqInMv5TyaV8exIvdjjngG1LWy-JCFMQk_

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hespress.com/	1970-01-21 10:22:10	Name: _ga Value: GA1.1.1109394584.1730770952
.hespress.com/	1970-01-21 02:55:46	Name: _fbp Value: fb.1.1730770952305.684949977434974815
.hespress.com/	1970-01-21 10:22:10	Name: _ga_P97QV0GBGK Value: GS1.1.1730770952.1.0.1730770953.59.0.0
.hespress.com/	1970-01-21 05:05:22	Name: __eoi Value: ID=f1953e0418a65a5b:T=1730770952:RT=1730770952:S=AA-AfjYqvu8TeIIkiIEJCOR9q64M

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

427a6375f09b3a0c1af514346bf5944c.safeframe.googlesyndication.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
pagead2.googlesyndication.com
2001:4860:4802:32::36
2606:4700:3037::6815:284d
2606:4700:3037::ac43:8a15
2606:4700::6810:4f49
2606:4700::6812:17c4
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81d::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2008
2a00:1450:400c:c0a::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
1176475514d28142f8c9f0464451ffab359fb919c81c1ea53dcec39e81f2ce95
1281703223602cd4c35ff6fd0bf706ca692ce4f0e18c611b55ccf394eef98e38
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7
1945d6fe02689b8e1e883e8a07295f857cfa83ef835dd9852049ecc8fcc59f1b
1ae8076f942aca86276a83d09bac87e8b5c200151af7fb47b919185a8d3c94de
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
22d605eb25488efad4861e751cdb59639e44b944f7935d06bebb702b68ab73a1
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
2e8fa43bd30f38c6bb7e30c1c5b39ad65c7120d499710c177310d2cc78be2eea
3379b46641b48791c136b410e325c4e10f1b08be254fec82c726ec26089f6467
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ce9f30bc81bc03b35918ce16b4f671b1c90b718c8ed3abf70520970b41ca372
43be7581bfede95e75e5244fa257e1bdf7ed771a7734958d9f360119716a0cca
45de64d69b4192f93d42807c2e9c8fe677dfe693cc803feb219aa3a2942399fe
481517a6d562860a2a36fde226bf80f8c260a148a61bde9661706df49f10c379
4f731fda6321bd23e46944309c824c0919bb9cc009e15de7be70be4d1f1ae43d
57bdb7b0f440d8640bcb3551522240413b3b3de6b8043a393233f285bc571d61
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da
5ebbaad4c678f1531d88609ded534a59ed80ae56fa6a4a0d08d68aa09d49d479
5ede382e0fdc101daa736b5b22e7c845336c6a71915f215945f3bee431a1a892
618dc43349271787c58d08d5ce90dfb014dc7e3dbe1c597643e38ae520eb46e0
6547196503449378d3607bcf1e1431759b7b2c69edff23519640e0a8b1e557a8
6a21a8a3cbcf941a9579fb874186fd6fa82b932091d4a5ba3c05328e344e0c6f
7142d1ed0216d3eada5477e957cb43ed62e811168a584fd059367f999a829ab2
77b531d9f140a1e22292f3f6055799f848ddca923ec57760536f8f4a57f81156
80c0678694e0c003ff361d1a354b21db207c84d65bab43dd57e4520d7e3a24c7
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
851e211a09e3c49cfe54a6f8f8ba5d0fc730d7320aa92b5730f1f77ef13f540e
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8aaec5d9db911222c578ba3630b1f96bcb20cc1dda18e8ea901fa40b32fd62d6
8c7bae8b381d24c38a4bb3f33554c2e07111ee0f234b335b6c6a0dd9217d37e8
8cbacb1148ec67291d8b8dab3af934109399ec22a0cb7b6bf32314197da8e7df
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
91e62e946e359fe2aef4d82776bc7cf39ccef155e8709c22b7b9741f88c0cfc1
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
92f29874efe01861ef21e0dd9c54618e68ba029f23b51f6663c0742088934cc2
9555be4cb069402c21aea3798bd3e1303b1fdc003162802dcaedc9c0bccb9133
998e20a9bf29ab4f58548af74db1fe43c62d7873b7f8e9e62875753ed65ab923
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b43dc46bbaf6c2459ede5ae914a610af3cb04bde131fe7f49e159b0c37d3f19d
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
c78172d05c21a344ca9f3cc38987b045595d1b6b9095e73282dfdeb138bef04d
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
c8873830270fef6310b3fb21c3170f62c88eaef2b90861f8aee779736be16b7d
c89dd2faf7dfc52c77322200e9762c0fed4e6df445ffdb27faa50e380dd5eab6
d630051aa81b7895bed44adcca3d35bbf6c0aa68eb99446712e43cf0d34386d9
e0293f3f4703e1882f9160088a030f470cba52351b8cd89a72588f1c5baafca4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67ad20daf483159bbdb5e7b41f2d43ff286d771ae1263efc0e70be1fef4268a
ebcaed34a3be251346bb633650b2c37471787ae9e6759eebd0f09197b02080d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d9b87882287aecd6d58fa685f7e0844e35831cdf45d44d3ac0f66740ba98be
f4a5087b40606dda226f932518ab9c926f9f61d3f7628f4e0dfa4c743e7416af
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
fe04e40433927fcb1f0911aedc980fd1cb89c1e04facaa21b43b31d405d0d7d4
fed368df244438767894bba29f3f1af7c345c189cb6016472ce79b2ee9969d82
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

www.hespress.com Open in urlscan Pro 2606:4700::6812:17c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

74 Requests

99 %HTTPS

100 %IPv6

14 Domains

20 Subdomains

20 IPs

3 Countries

2788 kBTransfer

6531 kBSize

4 Cookies

13 Outgoing links

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hespress.com Open in urlscan Pro
2606:4700::6812:17c4 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

99 %
HTTPS

100 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

2788 kB
Transfer

6531 kB
Size

4
Cookies

74 HTTP transactions
0 data transactions