Submitted URL: http://www.hespress.com/
Effective URL: https://www.hespress.com/
Submission: On October 20 via api from LU — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 74 HTTP transactions. The main IP is 2606:4700::6812:16c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 563678.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.
This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
38 hespress.com
www.hespress.com — Cisco Umbrella Rank: 563678
i1.hespress.com — Cisco Umbrella Rank: 492909
2 MB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
229 KB
6 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4401
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 682
129 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
64 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
183 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
73 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
181 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 47
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
6 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 11271
63 B
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 76904
117 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
1 pahter.tech
pahter.tech — Cisco Umbrella Rank: 514612
3 KB
74 14
Domain Requested by
34 i1.hespress.com www.hespress.com
i1.hespress.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.hespress.com
pagead2.googlesyndication.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.hespress.com www.hespress.com
i1.hespress.com
static.cloudflareinsights.com
2 fonts.gstatic.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.facebook.com www.hespress.com
2 e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 region1.analytics.google.com www.googletagmanager.com
2 connect.facebook.net www.hespress.com
connect.facebook.net
2 www.googletagmanager.com www.hespress.com
www.googletagmanager.com
2 www.gstatic.com www.hespress.com
2 securepubads.g.doubleclick.net www.hespress.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 www.google.de www.hespress.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 palibzh.tech pahter.tech
1 static.cloudflareinsights.com www.hespress.com
1 pahter.tech www.hespress.com
74 20
Subject Issuer Validity Valid
hespress.com
WE1
2024-10-01 -
2024-12-30
3 months crt.sh
pahter.tech
WE1
2024-10-09 -
2025-01-07
3 months crt.sh
*.g.doubleclick.net
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.gstatic.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
cloudflareinsights.com
WE1
2024-09-03 -
2024-12-02
3 months crt.sh
*.google-analytics.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
palibzh.tech
WE1
2024-10-04 -
2025-01-02
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-29 -
2024-10-27
3 months crt.sh
*.google.de
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
upload.video.google.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh
*.googleusercontent.com
WR2
2024-09-30 -
2024-12-23
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.hespress.com/
Frame ID: 62CB738F768345E6A59B9A9476A19C1E
Requests: 71 HTTP requests in this frame

Frame: https://e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 35181C2D06133F5EF92EFD444F594286
Requests: 1 HTTP requests in this frame

Frame: https://e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4E70BDEEAC2A321353B86829062C0ED3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: C4E863A6C73D9BD22C4F8E5BBF2372C9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Page URL History Show full URLs

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

74
Requests

99 %
HTTPS

100 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

3019 kB
Transfer

6578 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.hespress.com/
Redirect Chain
  • http://www.hespress.com/
  • https://www.hespress.com/
251 KB
31 KB
Document
General
Full URL
https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
9210c0722e4816581af93f8aeba8ee4848cee465fe5e55b8a6a82c4e4d355652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36

Response headers

access-control-allow-origin
*
cf-cache-status
EXPIRED
cf-ray
8d5a91048e9919b3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 17:00:51 GMT
last-modified
Sun, 20 Oct 2024 17:00:51 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="EXPIRED"
vary
Accept-Encoding
x-nginx-cache
STALE DE
x-powered-by
PHP/7.4.13

Redirect headers

Location
https://www.hespress.com/
Non-Authoritative-Reason
HttpsUpgrades
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/
34 KB
35 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"6567ba7a-89c8"
age
4712780
cf-ray
8d5a91069aec30fa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/font-woff
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
vary
Accept-Encoding
server
cloudflare
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/
35 KB
35 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"6567ba7a-8bd4"
age
19095451
cf-ray
8d5a91069af130fa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/font-woff
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
vary
Accept-Encoding
server
cloudflare
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/
35 KB
35 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"6567ba7a-8cc8"
age
19090816
cf-ray
8d5a9106aaf330fa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin
*
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/font-woff
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
vary
Accept-Encoding
server
cloudflare
hespress.com.js
pahter.tech/c/
8 KB
3 KB
Script
General
Full URL
https://pahter.tech/c/hespress.com.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b53a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"3f02c9d26139d05930116dc637a9e68e"
age
2681
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F7bNbnyzrBk8YyDij4b7fQU1rGYD35U9lPGn89YAwVFXhbz16tAfUbFZDL%2BZsjVWKKLE77au7Z3R%2FzSfb5uCj%2FEZs3C1m4SlulOTyC0kQCKDfpLfcFv%2BT7dJ7y2EbylrXCoL27alIdSHuw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20682&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4100&recv_bytes=4204&delivery_rate=125277&cwnd=12000&unsent_bytes=0&cid=70d5711a59e5a3f7&ts=40&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/javascript
last-modified
Thu, 08 Feb 2024 12:06:52 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-amz-id-2
jc01VSudueMKHX0dd0EOCAtncgqy2MH2vkCb98u2eN+FXDxESbXV+CITDMhX4PEO1axhohZ0rQmvAXDJuh7UF+GjL/iqiW0Tss9nUJEAEWc=
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2G6AHKEG72GGN3AH
cf-ray
8d5a91067dcd65cc-FRA
accept-ranges
bytes
content-length
2289
server
cloudflare
x-amz-server-side-encryption
AES256
desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/
401 KB
59 KB
Stylesheet
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
content-encoding
br
cf-bgj
minify
etag
W/"667f457e-64a48"
age
9825456
cf-cache-status
HIT
cf-ray
8d5a910658bc19b3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origSize=412232
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
text/css
last-modified
Fri, 28 Jun 2024 23:21:34 GMT
vary
Accept-Encoding
server
cloudflare
gpt.js
securepubads.g.doubleclick.net/tag/js/
106 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bc67b4a5decbc5bf2e05f57387a4649941a1dea04a7dbb5dd2be47dfb2cd5b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
etag
596 / 20016 / 31088235 / config-hash: 11692946538183363636
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 17:00:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33679
x-xss-protection
0
server
cafe
saaddine-elothmani-congre.jpg
i1.hespress.com/wp-content/uploads/2024/10/
60 KB
60 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/saaddine-elothmani-congre.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0cb8cec4b9b28e1afc994b28c462940f85ffe91d1df16ce9b6bb9bf312580da

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"671521c6-1938a"
age
3646
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=103306
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="saaddine-elothmani-congre.webp"
vary
Accept
last-modified
Sun, 20 Oct 2024 15:29:10 GMT
cache-control
max-age=315360000
cf-ray
8d5a910658be19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
61570
server
cloudflare
administration.jpg
i1.hespress.com/wp-content/uploads/2024/05/
44 KB
44 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/administration.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
891215e0da15aff6e299f999465d949b2f2658b2384b4e1063412393c03b3233

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"664e9ccb-14cc7"
age
244112
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=85191
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="administration.webp"
vary
Accept
last-modified
Thu, 23 May 2024 01:32:59 GMT
cache-control
max-age=315360000
cf-ray
8d5a910658c219b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
44714
server
cloudflare
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/
20 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
age
393417
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:43:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:43:54 GMT
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
6546
x-xss-protection
0
server
sffe
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/
40 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
age
393841
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:36:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:36:50 GMT
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
10840
x-xss-protection
0
server
sffe
script.min.js
i1.hespress.com/wp-content/themes/hespressar/js/
210 KB
68 KB
Script
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"667f457e-34973"
age
1682022
cf-ray
8d5a9106a92019b3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/javascript
last-modified
Fri, 28 Jun 2024 23:21:34 GMT
vary
Accept-Encoding
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://www.hespress.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8d5a91071a8ed365-FRA
access-control-allow-origin
*
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gtm.js
www.googletagmanager.com/
212 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
813190d007f6aaabfe0a502e61620ec110351235a8a777535de2029854c45be1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sun, 20 Oct 2024 17:00:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 20 Oct 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76763
x-xss-protection
0
server
Google Tag Manager
sprite.svg
www.hespress.com/wp-content/themes/hespressar/
215 KB
57 KB
Other
General
Full URL
https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
public, max-age=300
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6626d023-35dcc"
age
73
cf-ray
8d5a9106d96b19b3-FRA
expires
Sun, 20 Oct 2024 17:05:51 GMT
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
vary
Accept-Encoding
server
cloudflare
projectagora.min.js
palibzh.tech/libs/
423 KB
117 KB
Script
General
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:8a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13ec4d27db2e51504d565dd7f18c8be523cd1bceef5b2a4139223675ce7ff4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
x-amz-meta-version
3.42.0
etag
"75b2712f80c97040b2c130193e2d254d"
age
50
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e293HaI8v8YwZrh9LNPD%2FfvDtXoTnoMi2HbbuVSYRrWnVf8fqcj3F1fpv5QgGue%2Beg3bxYDbszZOHA2%2Fa6muOfOhfrR8jQbFKlJz7ZXS2F6AQh%2FHVO3WrySXyT8Y68%2BbzPaTwgfNMXwPJyY%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17827&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4112&recv_bytes=4190&delivery_rate=158485&cwnd=12000&unsent_bytes=0&cid=79ba3981ea6310b8&ts=37&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 10:49:49 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
dssW2OAZ7T9uLaaLeB3PbyYFYCJs188WE7gVjwvtu8zO8BQfARhm0cH1s2pVxSVgm//Ks2aji5jROck7Y63wZw==
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
H18HBB36S2SFWXX9
cf-ray
8d5a91072bbc6937-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
119358
server
cloudflare
x-amz-server-side-encryption
AES256
sprite.svg
i1.hespress.com/wp-content/themes/hespressar/
215 KB
53 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cache-control
public, max-age=300
content-encoding
br
cf-cache-status
HIT
etag
W/"6626d023-35dcc"
age
65
cf-ray
8d5a910719a819b3-FRA
expires
Sun, 20 Oct 2024 17:05:51 GMT
access-control-allow-origin
*
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/svg+xml
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
vary
Accept-Encoding
server
cloudflare
shows-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/
41 KB
42 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/img/shows-bg.jpg
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cf-bgj
imgq:85,h2pri
etag
"64527706-1eaea"
age
330029
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=125674
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="shows-bg.webp"
vary
Accept
last-modified
Wed, 03 May 2023 15:00:22 GMT
cache-control
max-age=315360000
cf-ray
8d5a910719af19b3-FRA
accept-ranges
bytes
content-length
42292
server
cloudflare
placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/
3 KB
3 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cf-bgj
imgq:85,h2pri
etag
"5fb06004-1177"
age
327552
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origFmt=png, origSize=4471
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="placeholder.webp"
vary
Accept
last-modified
Sat, 14 Nov 2020 22:53:56 GMT
cache-control
max-age=315360000
cf-ray
8d5a910719b119b3-FRA
accept-ranges
bytes
content-length
3412
server
cloudflare
weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/
53 KB
53 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52

Response headers

cache-control
max-age=315360000
cf-cache-status
HIT
etag
"5fcf1c3f-d360"
age
4791736
cf-ray
8d5a91076c0830fa-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
54112
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/x-font-otf
last-modified
Tue, 08 Dec 2020 06:25:03 GMT
vary
Accept-Encoding
server
cloudflare
/
www.hespress.com/
111 KB
8 KB
XHR
General
Full URL
https://www.hespress.com/?weather_and_prayer
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
5f84ba2c16beee2a32b6383d7f88911fedd25722dc956c14eca84f92c348e593

Request headers

Referer
https://www.hespress.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Accept
*/*

Response headers

x-nginx-cache
HIT DE
content-encoding
br
cf-cache-status
DYNAMIC
cf-ray
8d5a910749e519b3-FRA
access-control-allow-origin
*
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.13
server
cloudflare
bouknadel.jpeg
i1.hespress.com/wp-content/uploads/2024/10/
58 KB
58 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/bouknadel.jpeg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc6cf64d94faef51445278d033ee12223044e82d5f7b0a9d30ec9da816aec0e

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"67105ca6-1cf53"
age
323941
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=118611, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Thu, 17 Oct 2024 00:39:02 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a2919b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
59251
server
cloudflare
cash.jpg
i1.hespress.com/wp-content/uploads/2024/10/
83 KB
83 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/cash.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320876bb898427d500ccf18285e7b65053073f0abe22dc4f73b39a492c632e95

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"67102c12-197c8"
age
331124
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=104392, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Wed, 16 Oct 2024 21:11:46 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a2b19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
84646
server
cloudflare
9issa_site.jpg
i1.hespress.com/wp-content/uploads/2024/10/
47 KB
47 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/9issa_site.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68e07287229800d4cb537e338d8c60b0ed64734ba9220ffb7e0ccf9b30fe357c

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6708677e-11ee2"
age
328443
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=73442
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="9issa_site.webp"
vary
Accept
last-modified
Thu, 10 Oct 2024 23:47:10 GMT
cache-control
max-age=315360000
cf-ray
8d5a91078a2e19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
48232
server
cloudflare
medcine.jpg
i1.hespress.com/wp-content/uploads/2024/10/
77 KB
77 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/medcine.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b09a83d2251b5f27a4759ac1c74ab43183f6f5fc4de0526d32fca9494a1ad031

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66fc6c74-141eb"
age
1627083
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origSize=82411, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Tue, 01 Oct 2024 21:41:08 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a2f19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
79054
server
cloudflare
Bidoune-3onouane.jpg
i1.hespress.com/wp-content/uploads/2024/09/
86 KB
87 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/09/Bidoune-3onouane.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8013099853ab50e7e587778be7fc712ff2030425b8e07d1123b86b002d54c2cb

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66f6fc8b-1a685"
age
1976238
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=108165, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Fri, 27 Sep 2024 18:42:19 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a3119b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
88379
server
cloudflare
web.jpg
i1.hespress.com/wp-content/uploads/2024/09/
97 KB
97 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/09/web.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a2a29a3d5dbe890bd576cb430380a3099b43a84ebdbc491ad22e2b5533a199

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66f6e34c-190c8"
age
1993788
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origSize=102600, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Fri, 27 Sep 2024 16:54:36 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a3219b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
99224
server
cloudflare
gold-1.jpg
i1.hespress.com/wp-content/uploads/2024/09/
75 KB
76 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/09/gold-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a767cb2e413b25520c9fc867692104c7b125e25120d0ba4fa436e0b72a68c2d6

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66f3131b-176ee"
age
2231936
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=95982, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Tue, 24 Sep 2024 19:29:31 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a3419b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
77195
server
cloudflare
site-13.jpg
i1.hespress.com/wp-content/uploads/2024/09/
62 KB
62 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/09/site-13.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6936580432f374bee3dc6641b4882726c4bea86cc697fe1cb37a9da419a41a9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66ef3f8c-fe85"
age
1681811
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
origSize=65157, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sat, 21 Sep 2024 21:50:04 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a91078a3519b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
63101
server
cloudflare
dyslexia.jpg
i1.hespress.com/wp-content/uploads/2024/10/
65 KB
65 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/dyslexia.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c650d1a99ee8e1b9dc936c69fd2d084b645d987e4b927158d470440ef3a6cb02

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"671538b3-13d59"
age
6748
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=81241
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="dyslexia.webp"
vary
Accept
last-modified
Sun, 20 Oct 2024 17:06:59 GMT
cache-control
max-age=315360000
cf-ray
8d5a91078a3819b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
66618
server
cloudflare
olive.jpg
i1.hespress.com/wp-content/uploads/2024/10/
81 KB
81 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/olive.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a77b840d207455cd8a9d26caaae94f58d251ee0fb31c292fdce4753ded4d57a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"671523a0-1689b"
age
12469
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=92315, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sun, 20 Oct 2024 15:37:04 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a9107aa5319b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
82957
server
cloudflare
la-journee-internationale-de-la-musique.jpg
i1.hespress.com/wp-content/uploads/2024/10/
62 KB
63 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/la-journee-internationale-de-la-musique.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca5e0eef49b85bc06e653a276744d35aeeeeff21935defa36f37fbabbd60f41

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6714557c-13e40"
age
64462
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=81472
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="la-journee-internationale-de-la-musique.webp"
vary
Accept
last-modified
Sun, 20 Oct 2024 00:57:32 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa5519b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
63882
server
cloudflare
parlement-3.jpg
i1.hespress.com/wp-content/uploads/2024/10/
87 KB
87 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/parlement-3.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c6ada264d436f7257a6b5b2039f212a7677a8d5f2a7ea673fb22e862296e2a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"67141ec0-18e29"
age
75068
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=101929, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sat, 19 Oct 2024 21:04:00 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a9107aa5619b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
89020
server
cloudflare
Bensaid-1.jpg
i1.hespress.com/wp-content/uploads/2024/10/
69 KB
70 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/Bensaid-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a2f93b84d4d6cd17f8107d47982ac3db2a2f7db52ed934bdf26ed9a70d6259

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6714077c-1413f"
age
82178
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=82239, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sat, 19 Oct 2024 19:24:44 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a9107aa5719b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
71090
server
cloudflare
Mahjoub-Salek-1.jpg
i1.hespress.com/wp-content/uploads/2024/10/
40 KB
40 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/Mahjoub-Salek-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae25a28e617b4c15bdb313114fb9370640f3dade7cc8f2109f8ce9afffab83c3

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"671400fe-e442"
age
82250
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=58434
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="Mahjoub-Salek-1.webp"
vary
Accept
last-modified
Sat, 19 Oct 2024 18:57:02 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa5a19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
40598
server
cloudflare
pam-12.jpg
i1.hespress.com/wp-content/uploads/2024/10/
69 KB
69 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/pam-12.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b25a3e73dca8e69dba1fe715b23e40199b2ad52c476cb5deb27946f2f8c210

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6713ee58-1982c"
age
85688
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=104492
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="pam-12.webp"
vary
Accept
last-modified
Sat, 19 Oct 2024 17:37:28 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa5b19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
70486
server
cloudflare
ADA-5.jpg
i1.hespress.com/wp-content/uploads/2024/10/
22 KB
22 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/ADA-5.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dbcbf8c1757722fa4644b68f73f01cb5f47251ffb47c4970fdf99b4502977a4

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6713fe5d-a060"
age
87722
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=41056
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="ADA-5.webp"
vary
Accept
last-modified
Sat, 19 Oct 2024 18:45:49 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa5e19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
22154
server
cloudflare
marrakech_site_.jpg
i1.hespress.com/wp-content/uploads/2024/10/
52 KB
52 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/marrakech_site_.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
966dc6514584425fedd0ab8be32807c183a1863e112908ff7415c2287e7c5dec

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66fd9b81-4927e"
age
1478891
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=299646
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="marrakech_site_.webp"
vary
Accept
last-modified
Wed, 02 Oct 2024 19:14:09 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa6019b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
53078
server
cloudflare
lehna.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/10/
12 KB
12 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/10/lehna.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed368df244438767894bba29f3f1af7c345c189cb6016472ce79b2ee9969d82

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
W/"6702c41c-5616"
age
1214574
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=12115
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="lehna.webp"
vary
Accept
last-modified
Sun, 06 Oct 2024 17:08:44 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa6119b3-FRA
accept-ranges
bytes
content-length
11792
server
cloudflare
chakib-laalej.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/10/
12 KB
12 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/10/chakib-laalej.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6547196503449378d3607bcf1e1431759b7b2c69edff23519640e0a8b1e557a8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
cf-bgj
imgq:85,h2pri
etag
W/"6702c564-55d1"
age
1214574
cf-cache-status
HIT
cf-ray
8d5a9107aa6319b3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
cf-polished
degrade=85, origSize=12317, status=webp_bigger
content-length
12138
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sun, 06 Oct 2024 17:14:12 GMT
vary
Accept-Encoding
server
cloudflare
Fenerbahce-SK-youssef.jpg
i1.hespress.com/wp-content/uploads/2024/08/
63 KB
63 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Fenerbahce-SK-youssef.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc5e2a4ad67f722a375c876a1f370deac00618f92b983a42e6484d55d4d478d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66c1345d-1acf6"
age
192641
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=109814
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/webp
content-disposition
inline; filename="Fenerbahce-SK-youssef.webp"
vary
Accept
last-modified
Sat, 17 Aug 2024 23:38:05 GMT
cache-control
max-age=315360000
cf-ray
8d5a9107aa6519b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
64032
server
cloudflare
raja-club-2024.jpg
i1.hespress.com/wp-content/uploads/2024/09/
101 KB
102 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/09/raja-club-2024.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b2abee9ab8f1dcbe95103d92c12ac0d6f4841ff77509493f318f6d9356d5f2f

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"66dcf88f-25be4"
age
1546236
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=154596, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sun, 08 Sep 2024 01:06:23 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a9107aa6719b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
103719
server
cloudflare
boxe.jpg
i1.hespress.com/wp-content/uploads/2024/10/
107 KB
107 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/10/boxe.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49e835a2b495534e5a2cf6bbdc64610d3876f651154cfbd710f8ebd058af11b1

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6713c93e-26e6f"
age
49216
cf-cache-status
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cf-polished
degrade=85, origSize=159343, status=webp_bigger
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
image/jpeg
last-modified
Sat, 19 Oct 2024 14:59:10 GMT
vary
Accept-Encoding
cache-control
max-age=315360000
cf-ray
8d5a9107aa6d19b3-FRA
accept-ranges
bytes
access-control-allow-origin
*.hespress.com
content-length
109094
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/
480 KB
149 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
916a3cdac03baac007633a6ef2b6824372a2f43bb9c1f25a29832995134db667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
etag
3246870745169537564
age
25168
x-content-type-options
nosniff
expires
Mon, 20 Oct 2025 10:01:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 20 Oct 2024 10:01:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152590
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/
313 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b2da20a3e2d0fdb7c401d09c22130ecd43a2685efd66503bba8f7932f65cd0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 20 Oct 2024 17:00:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
107590
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
227 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 17:00:51 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
fpx754W4Z1Qk8ji2PKyvEt+L78Adfh5o7P5pxADI+YuO57CxPqMF5kZS4mSy2tFrZAD4asonigljkFJmdEfkfQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59352
x-xss-protection
0
origin-agent-cluster
?1
447079109144639
connect.facebook.net/signals/config/
74 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/447079109144639?v=2.9.172&r=stable&domain=www.hespress.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be4758a682e8f4613f824083b1900eed791702addc383ea623dc1b7d1e078ca7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=74, mss=1232, tbw=67740, tp=65, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
eIU6Axm52VvKwYwqF4WwkdhHoI4wBs5XrMy7oFBHsdEAurrkBSwi3swwNUGCJ5VQLRunrV995tER70ddSs9kIQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14892
x-xss-protection
0
origin-agent-cluster
?1
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je4ah0v869673765z878625843za200zb78625843&_p=1729443651643&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&cid=219869661.1729443652&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729443652&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=877
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.hespress.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
555 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=219869661.1729443652&gtm=45je4ah0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.hespress.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=219869661.1729443652&gtm=45je4ah0v869673765z878625843za200zb78625843&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101686685&tag_exp=101533422~101686685&z=1515396873
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sun, 20 Oct 2024 17:00:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
pagead2.googlesyndication.com/gampad/
595 B
308 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1692495648958247&correlator=43181087381857&eid=31079957%2C31088235%2C95344207%2C31087156&output=ldjh&gdfp_req=1&vrg=202410170101&ptt=17&impl=fif&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=525783152&sfv=1-0-40&sc=1&lrm=400&abxe=1&dt=1729443652078&lmt=1729443651&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6904&msz=1x-1&fws=0&ohw=0&td=1&egid=52126&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729443651545&idt=490&adks=432670791&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8f31121a7fd661d3447981ef2f0eb5bf0c0f15bfba542a7086beb0b00d4313d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.hespress.com
content-length
279
x-xss-protection
0
server
cafe
container.html
e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3518
0
0
Document
General
Full URL
https://e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Oct 2024 17:00:52 GMT
expires
Sun, 20 Oct 2024 17:00:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/
33 KB
13 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1692495648958247&correlator=43181087381857&eid=31079957%2C31088235%2C95344207%2C31087156&output=ldjh&gdfp_req=1&vrg=202410170101&ptt=17&impl=fif&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=2&didk=2462911251&sfv=1-0-40&sc=1&lrm=400&abxe=1&dt=1729443652086&lmt=1729443651&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&td=1&egid=52126&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729443651545&idt=490&adks=337753859&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1014c53a3b4036d113ac06d92059b1626e2a00e4b48d1f8e3585dd241e52bcbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.hespress.com
content-length
13536
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/gampad/
526 B
249 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=1692495648958247&correlator=43181087381857&eid=31079957%2C31088235%2C95344207%2C31087156&output=ldjh&gdfp_req=1&vrg=202410170101&ptt=17&impl=fif&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=3&didk=1711791774&sfv=1-0-40&sc=1&lrm=400&abxe=1&dt=1729443652088&lmt=1729443651&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&td=1&egid=52126&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1729443651545&idt=490&adks=4098979368&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db718dd94dad237c4a464a7aec42b5e08155006a18a22710199c6b894e8135eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.hespress.com
content-length
220
x-xss-protection
0
server
cafe
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1729443652099&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1729443652098.230765120381358175&cs_est=true&ler=empty&cdl=API_unavailable&it=1729443652005&coo=false&rqm=GET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=2902, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1729443652099&sw=1600&sh=1200&v=2.9.172&r=stable&a=tmgoogletagmanager&ec=0&o=12318&fbp=fb.1.1729443652098.230765120381358175&cs_est=true&ler=empty&cdl=API_unavailable&it=1729443652005&coo=false&rqm=FGET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7427903927366119484"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
WVjpSZ65vJHwPTLKfsTnYHy/lepLnZAQl/KyGK7nbkZuZOLSaiHgA9KB3IeAi6OLbbYYGOYpm8mQmE7ICIwVSA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7427903927366119484", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1328, tbw=3220, tp=-1, tpl=-1, uplat=174, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a5ffea83661200e2e2d11bc7917f66e8f7663c9ba3a7e628209c388b73b6153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
etag
1940894698115779734
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 17:00:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53427
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410170101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96382a226ecbe1b5ddbfe7899b66dc09f1bad0b4eb94d95b65dae58363391b09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12792
date
Sun, 20 Oct 2024 17:00:52 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
rum
www.hespress.com/cdn-cgi/
0
183 B
XHR
General
Full URL
https://www.hespress.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
content-type
application/json
Referer
https://www.hespress.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8d5a910b3f4b19b3-FRA
access-control-allow-origin
https://www.hespress.com
date
Sun, 20 Oct 2024 17:00:52 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
i1.hespress.com/wp-content/themes/hespressar/icons/
868 B
985 B
Other
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
max-age=315360000
content-encoding
br
cf-cache-status
HIT
etag
W/"5fa925d1-364"
age
18189962
cf-ray
8d5a910b3f4d19b3-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
image/x-icon
last-modified
Mon, 09 Nov 2020 11:19:45 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
tpc.googlesyndication.com/sodar/
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 17:00:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/
432 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1a36502377ed44c578f454b3c01a5e317029d4121207b4441fd88af49745c22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
br
etag
5034227003527994131
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 17:00:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147242
x-xss-protection
0
server
cafe
container.html
e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4E70
0
0
Document
General
Full URL
https://e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410170101/pubads_impl.js?cb=31088235
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Oct 2024 17:00:52 GMT
expires
Sun, 20 Oct 2024 17:00:52 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-9809098668305457
fundingchoicesmessages.google.com/i/
195 KB
64 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?href=https%3A%2F%2Fwww.hespress.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6007e21f192599236f77f884bd1a28667f6d4bbfcd2b39e0a1fb7780fcd6927d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1csVjjFPAjnJ-mtZsPqwJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:52 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1iYgvt10hfUxEAvxcBx5d2UHm0DH_XUzmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0MTfUMzOMLDABNBEq1"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1csVjjFPAjnJ-mtZsPqwJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame C4E8
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36

Response headers

accept-ranges
bytes
age
1140
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 20 Oct 2024 16:41:52 GMT
expires
Sun, 20 Oct 2024 17:31:52 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxV0MBDZ8QHcQblrKf9JYe2TZfhkGuORo_3xQSAuNqUTn5un-eJeHcL7DJMmFHsRGRZFWwWvCw_IWd05OGPkFmXg-pIORI2foMv8larG-OmSir_w9HyF006tIgFM6tTOS88ayv8a
fundingchoicesmessages.google.com/f/
455 KB
65 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV0MBDZ8QHcQblrKf9JYe2TZfhkGuORo_3xQSAuNqUTn5un-eJeHcL7DJMmFHsRGRZFWwWvCw_IWd05OGPkFmXg-pIORI2foMv8larG-OmSir_w9HyF006tIgFM6tTOS88ayv8a?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzI5NDQzNjUyLDkzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyIsbnVsbCxbWzgsIlR5MGhlTWZ6WDNzIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMww9yZ2V0k3qc5tPVo4OWw2qgza_g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
834b4b63bd67900118363445e12376199d4717cec8858942ba525f63bf9b86ed
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-HMCTKFT9h5dbxhu0pPfsXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:53 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw1JBiOO90h-k6EEt8fcmkAcRO6TNYg4C49eY51qlAnPTvPGsRELtrXWT1B2JDhUusjiBcdInVE4hVey6xmgLx_XWXWJ8D8dc9l1j_AvHej5dYjwJxkcQV1iYgvt10hfUxEAtxcxx9d2UHm8CLuRNElDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMDQxN9QzM4wsMAPmPSiw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-HMCTKFT9h5dbxhu0pPfsXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
114 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans_old:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto_old:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ty0heMfzX3s.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzXsH6_CCQGA5w0hl-T3KCEJPyu2w/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c84967ed8bd11e1a19166a86d697a067d293c82658c8a4ba3346a92d31d4a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 17:00:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:53 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 20 Oct 2024 17:00:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/
6 KB
6 KB
Image
General
Full URL
https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2270a08bf4bbc100c28636a1233ec5635ff58f4f38720eac5c84979afd08744f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
1455
x-content-type-options
nosniff
expires
Mon, 21 Oct 2024 16:36:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 16:36:38 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
6178
x-xss-protection
0
server
fife
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://www.hespress.com/

Response headers

age
393687
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:26 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Origin
https://www.hespress.com
Referer
https://www.hespress.com/

Response headers

age
393687
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 16 Oct 2025 03:39:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 16 Oct 2024 03:39:26 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
AGSKWxXOr75USNttLMUBsUrBzkabGIEEGlH8NZ3ZeGjo0uU7Wi0YZUfTogf8gmY1x1hnttzwdWF59MlkQYC4OUYecjsVbu8aIOu5L-BchmpqQAgDCHfEEkcl6cHBvYN2rQA50Lf2ZNIJ
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXOr75USNttLMUBsUrBzkabGIEEGlH8NZ3ZeGjo0uU7Wi0YZUfTogf8gmY1x1hnttzwdWF59MlkQYC4OUYecjsVbu8aIOu5L-BchmpqQAgDCHfEEkcl6cHBvYN2rQA50Lf2ZNIJ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMww9yZ2V0k3qc5tPVo4OWw2qgza_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NfUZhlTJIfs60GPMqqhNrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Content-Type
text/plain
Referer
https://www.hespress.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:53 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1ZBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIib4-i7KzvYBC68_1ek5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQzN9QzM4wsMAPwrMCk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NfUZhlTJIfs60GPMqqhNrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.hespress.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXOr75USNttLMUBsUrBzkabGIEEGlH8NZ3ZeGjo0uU7Wi0YZUfTogf8gmY1x1hnttzwdWF59MlkQYC4OUYecjsVbu8aIOu5L-BchmpqQAgDCHfEEkcl6cHBvYN2rQA50Lf2ZNIJ
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXOr75USNttLMUBsUrBzkabGIEEGlH8NZ3ZeGjo0uU7Wi0YZUfTogf8gmY1x1hnttzwdWF59MlkQYC4OUYecjsVbu8aIOu5L-BchmpqQAgDCHfEEkcl6cHBvYN2rQA50Lf2ZNIJ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Ty0heMfzX3s.es5.O/am=DAY/d=1/rs=AJlcJMww9yZ2V0k3qc5tPVo4OWw2qgza_g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h3uVtWdcEYWEMTsXEXeJIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Content-Type
text/plain
Referer
https://www.hespress.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:53 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBicEqfwRoAxO5aF1n9gfjrnkusf4F478dLrEeBWIib4-i7KzvYBC48Wlym5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwMDQzN9QzM4wsMAOLEL8s"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h3uVtWdcEYWEMTsXEXeJIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://www.hespress.com
content-length
0
x-xss-protection
0
server
ESF
sodar
pagead2.googlesyndication.com/pagead/
0
0

collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je4ah0v869673765za200zb78625843&_p=1729443651643&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685&cid=219869661.1729443652&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1729443652&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=ad_impression&ep.query_id=CN7Nr9S3nYkDFbST_QcdGGYXvA&_et=462&tfd=6342
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.35 Safari/537.36
Referer
https://www.hespress.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.hespress.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 17:00:57 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410170101&jk=1692495648958247&bg=!f3ylfDPNAAaUWUsktFk7ADQBe5WfOFamodsr8_ZgtYGUp_OweH5MMMsYSw9DR0-Ch0wvpGukqlTOf4xk-gmvN11fuSFlAgAAAFBSAAAAAWgBB34ANgXEkBbf4lW_K9PhvNbK_d-S3cbpD-vzjd9eV97U4zJynxBUoUjtpgEC6GUSWeuWpxWyO2_5UZkCkfn1QvfWhL8kKPtmSn39NlGcrSDBE5akIjF3kNv2YdXt8elV3w9zaUFFU9Md2-yasEgxfHYTF9KF6iBD3viKhtICea69AwHe3KmB4v-5MSM3sqvBSGSBlP5ujlRkMU_Gru9MViHEWf91sjGDiGH7wn45kYsI_NqaW2Zd60raePgR5eM9FvobvvuLnImvfPUj8olBTzRBJobRVKwlx3UjeVU5ApU9C-PstsLg9KUx-qzqcWyfJlo13T3qmoDPdQOImtcVgMWCR963t9HOsvdEM9VmCUbvu2ysBSTELITaee4Mo6aQJmlI7VMS0g1X7krXXaeWGmhModDhheE4mDh9kEBu7xWxnf-b2qaqpInK5fDV3aVqgorwRhLobfdQZOV3tLv9Qij2jHGHZJ_C_iRcI6BfHRifseeQ4BPnKhZmLk_PNWl2bj4TJ9PgZJM9wvmIRu0SUGkMG7R1PXQYeh7RGJuWX_keoMpn0evCt4fYjBUw_W7fQmqd8WbENmulHGWS1ni4TTzsBVw5GSKExG4l5GazD9PhCiJWkbscqpTJwvoduGKuCHpsYCWvPvuGRTvRM15KTBaOZMF1mxQcnUOoldkzBv8E5JzrCqhdTEPrvFCy4W-J0e15Dzrf-J7vRwEPqHfZpOUv_MDrANyj9HE1zvy0jnVjl2vmRzCTINSHle0Kyr8gwijVlNC82P15CfXEWDzOP0VBdxDxK70Nt-D6GMSan1RZcCWkEY-bcl6zDZ1isFSZUFiyrfEWJvKaCbQxX22BNaEDBQmpUtARE6Z6KasFjC-K1LihNaIVcgTvEsbUYg8AkGtQjY_SD9xQ-Q3Vw_JT899Fm8zGD6c6HywcQ310UTvKwZSm1FC_DVBWTRlxSA

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| refreshAds object| googletag object| dataLayer object| firebase object| config function| downloadAdsenseAtOnload object| notificationApp object| TWAGORAINARTICLE string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| __cfBeacon object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| iFrameResize object| ProjectAgora function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state number| google_unique_id object| GoogleGcLKhOms number| google_srt object| google_logging_queue object| google_ad_modifications object| google_persistent_state_async object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjMwNTFjMGNmN2I5NGU4bG9hZGVyX2pz string| MjMwNTFjMGNmN2I5NGU4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

5 Cookies

Domain/Path Name / Value
.hespress.com/ Name: _ga
Value: GA1.1.219869661.1729443652
.hespress.com/ Name: _fbp
Value: fb.1.1729443652098.230765120381358175
.hespress.com/ Name: _ga_P97QV0GBGK
Value: GS1.1.1729443652.1.0.1729443652.60.0.0
.hespress.com/ Name: __eoi
Value: ID=578bc80c0bc9a085:T=1729443652:RT=1729443652:S=AA-AfjblugsrqVBAEs1zG53-qGou
measurement-api.criteo.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
e07c522c254e09690b2df1223728434f.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
pagead2.googlesyndication.com
2001:4860:4802:34::36
2606:4700:3035::ac43:b53a
2606:4700:3037::ac43:8a15
2606:4700::6810:4f49
2606:4700::6812:16c4
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
0bc67b4a5decbc5bf2e05f57387a4649941a1dea04a7dbb5dd2be47dfb2cd5b4
1014c53a3b4036d113ac06d92059b1626e2a00e4b48d1f8e3585dd241e52bcbd
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
1ca5e0eef49b85bc06e653a276744d35aeeeeff21935defa36f37fbabbd60f41
2270a08bf4bbc100c28636a1233ec5635ff58f4f38720eac5c84979afd08744f
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
320876bb898427d500ccf18285e7b65053073f0abe22dc4f73b39a492c632e95
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
49e835a2b495534e5a2cf6bbdc64610d3876f651154cfbd710f8ebd058af11b1
4a77b840d207455cd8a9d26caaae94f58d251ee0fb31c292fdce4753ded4d57a
4bc5e2a4ad67f722a375c876a1f370deac00618f92b983a42e6484d55d4d478d
4c13ec4d27db2e51504d565dd7f18c8be523cd1bceef5b2a4139223675ce7ff4
58b25a3e73dca8e69dba1fe715b23e40199b2ad52c476cb5deb27946f2f8c210
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da
5f84ba2c16beee2a32b6383d7f88911fedd25722dc956c14eca84f92c348e593
6007e21f192599236f77f884bd1a28667f6d4bbfcd2b39e0a1fb7780fcd6927d
63a2a29a3d5dbe890bd576cb430380a3099b43a84ebdbc491ad22e2b5533a199
6547196503449378d3607bcf1e1431759b7b2c69edff23519640e0a8b1e557a8
68e07287229800d4cb537e338d8c60b0ed64734ba9220ffb7e0ccf9b30fe357c
6c84967ed8bd11e1a19166a86d697a067d293c82658c8a4ba3346a92d31d4a87
71c6ada264d436f7257a6b5b2039f212a7677a8d5f2a7ea673fb22e862296e2a
8013099853ab50e7e587778be7fc712ff2030425b8e07d1123b86b002d54c2cb
813190d007f6aaabfe0a502e61620ec110351235a8a777535de2029854c45be1
834b4b63bd67900118363445e12376199d4717cec8858942ba525f63bf9b86ed
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
891215e0da15aff6e299f999465d949b2f2658b2384b4e1063412393c03b3233
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a5ffea83661200e2e2d11bc7917f66e8f7663c9ba3a7e628209c388b73b6153
8b2abee9ab8f1dcbe95103d92c12ac0d6f4841ff77509493f318f6d9356d5f2f
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
916a3cdac03baac007633a6ef2b6824372a2f43bb9c1f25a29832995134db667
9210c0722e4816581af93f8aeba8ee4848cee465fe5e55b8a6a82c4e4d355652
96382a226ecbe1b5ddbfe7899b66dc09f1bad0b4eb94d95b65dae58363391b09
966dc6514584425fedd0ab8be32807c183a1863e112908ff7415c2287e7c5dec
9b2da20a3e2d0fdb7c401d09c22130ecd43a2685efd66503bba8f7932f65cd0c
9dbcbf8c1757722fa4644b68f73f01cb5f47251ffb47c4970fdf99b4502977a4
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e
a6936580432f374bee3dc6641b4882726c4bea86cc697fe1cb37a9da419a41a9
a767cb2e413b25520c9fc867692104c7b125e25120d0ba4fa436e0b72a68c2d6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae25a28e617b4c15bdb313114fb9370640f3dade7cc8f2109f8ce9afffab83c3
b09a83d2251b5f27a4759ac1c74ab43183f6f5fc4de0526d32fca9494a1ad031
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
b8f31121a7fd661d3447981ef2f0eb5bf0c0f15bfba542a7086beb0b00d4313d
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
be4758a682e8f4613f824083b1900eed791702addc383ea623dc1b7d1e078ca7
c1a36502377ed44c578f454b3c01a5e317029d4121207b4441fd88af49745c22
c650d1a99ee8e1b9dc936c69fd2d084b645d987e4b927158d470440ef3a6cb02
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
d2a2f93b84d4d6cd17f8107d47982ac3db2a2f7db52ed934bdf26ed9a70d6259
db718dd94dad237c4a464a7aec42b5e08155006a18a22710199c6b894e8135eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cb8cec4b9b28e1afc994b28c462940f85ffe91d1df16ce9b6bb9bf312580da
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
fbc6cf64d94faef51445278d033ee12223044e82d5f7b0a9d30ec9da816aec0e
fed368df244438767894bba29f3f1af7c345c189cb6016472ce79b2ee9969d82
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99