urlscan.io logo urlscan.io
SecurityTrails logo

www.hespress.com Open in urlscan Pro
2606:4700::6812:16c4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hespress.com/
Effective URL: https://www.hespress.com/
Submission: On August 30 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 2 countries across 17 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6812:16c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 539877.
TLS certificate: Issued by WE1 on August 3rd 2024. Valid for: 3 months.
This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
32 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.67.181.58 13335 (CLOUDFLAR...)
6 142.250.65.226 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 172.67.138.21 13335 (CLOUDFLAR...)
2 157.240.241.1 32934 (FACEBOOK)
1 2a04:4e42:400... 54113 (FASTLY)
1 2620:100:a00b::4 19750 (AS-CRITEO)
1 104.18.35.167 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2620:100:a00b... 19750 (AS-CRITEO)
1 34.98.64.218 396982 (GOOGLE-CL...)
66 21
32    2606:4700::6812:16c4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hespress.com
i1.hespress.com
4    2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)
i1.hespress.com
1    172.67.181.58 (United States)

ASN13335 (CLOUDFLARENET, US)
pahter.tech
6    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4006:81d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.67.138.21 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
2    157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net
connect.facebook.net
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2607:f8b0:4006:80a::2001 (United States)

ASN15169 (GOOGLE, US)
db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com
2    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
Apex Domain
Subdomains		 Transfer
36 hespress.com
www.hespress.com — Cisco Umbrella Rank: 539877
i1.hespress.com — Cisco Umbrella Rank: 399891
2 MB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
192 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3664
google-bidout-d.openx.net — Cisco Umbrella Rank: 3568
492 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
2 googlesyndication.com
db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
174 KB
2 gstatic.com
www.gstatic.com
18 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 553
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2913
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1594
7 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
902 B
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 57067
108 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 pahter.tech
pahter.tech — Cisco Umbrella Rank: 456002
3 KB
66 17
Domain Requested by
33 i1.hespress.com www.hespress.com
i1.hespress.com
6 securepubads.g.doubleclick.net www.hespress.com
securepubads.g.doubleclick.net
3 www.hespress.com www.hespress.com
i1.hespress.com
2 www.facebook.com www.hespress.com
2 oajs.openx.net 1 redirects www.hespress.com
2 analytics.google.com www.googletagmanager.com
2 db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 connect.facebook.net www.hespress.com
connect.facebook.net
2 www.googletagmanager.com www.hespress.com
www.googletagmanager.com
2 www.gstatic.com www.hespress.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 gum.criteo.com static.criteo.net
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 palibzh.tech pahter.tech
1 static.cloudflareinsights.com www.hespress.com
1 pahter.tech www.hespress.com
66 21
Subject Issuer Validity Valid
hespress.com
WE1		 2024-08-03 -
2024-11-01		 3 months crt.sh
pahter.tech
WE1		 2024-08-11 -
2024-11-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-07-06 -
2024-10-04		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
palibzh.tech
WE1		 2024-08-06 -
2024-11-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-08 -
2024-09-06		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-27 -
2024-09-24		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
WR3		 2024-07-18 -
2024-10-16		 3 months crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-26 -
2024-11-20		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.hespress.com/
Frame ID: 89B35A10FFBA29B21DD0E7CCA2AD79E7
Requests: 60 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 3015FBADB2C5E791303EE706283F5187
Requests: 1 HTTP requests in this frame

Frame: https://db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B56E4D70E38021DF03A2992F18604A5A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-P97QV0GBGK&gacid=1275710024.1725024692&gtm=45je48s0v869673765z878625843za200zb78625843&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1832970385
Frame ID: 8C2DDBAED460D88D886D7561C0F9262E
Requests: 1 HTTP requests in this frame

Frame: https://db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8EED0438AFF90A7472A6C1D89F421406
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hespress.com
Frame ID: AEA3E9597310B6D914EE9C98C621F5D3
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 1DB1BF3622F649DC2B24A042AB00387A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Page URL History Show full URLs

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

66
Requests

98 %
HTTPS

62 %
IPv6

17
Domains

21
Subdomains

21
IPs

2
Countries

2478 kB
Transfer

4954 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F&rid=esp&cc=1

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hespress.com/
Redirect Chain
  • http://www.hespress.com/
  • https://www.hespress.com/
247 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
80e01801427f0d94cc90efb6408471821837ca9404ce3bf385033f0958075e3d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
36
cf-cache-status
HIT
cf-ray
8bb5242afdfd2ec1-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 13:31:27 GMT
last-modified
Fri, 30 Aug 2024 13:30:00 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache
HIT US
x-powered-by
PHP/7.4.13

Redirect headers

Location
https://www.hespress.com/
Non-Authoritative-Reason
HttpsUpgrades
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
14235756
etag
W/"6567ba7a-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8bb5242f38402f44-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
5188816
etag
W/"6567ba7a-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8bb5242f38442f44-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
14235756
etag
W/"6567ba7a-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8bb5242f38452f44-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
hespress.com.js
pahter.tech/c/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahter.tech/c/hespress.com.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
B799GSC5XSM799YX
age
3651
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2289
x-amz-id-2
cfUeslcVeNV4Fvu9yPmigWUb/vqd99VjFDchS4pMkk50pVmNjioSRX96xbwNysZJORiMxxpp2SR1ivxbQNalZlSz9/+tenw7R/v9qNXSE3w=
last-modified
Thu, 08 Feb 2024 12:06:52 GMT
server
cloudflare
etag
"3f02c9d26139d05930116dc637a9e68e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNLMiKxJrS4cTwDYv%2BeO0gqFRNT9dsH8CtnyMIXIobQaR3BADFtFj2m%2BhgpS%2FFj%2FJlk%2B0AlbZ7zoRgndSbtfVCXSirIA2ubcJSS%2FcVxvr%2BsXzJKFTnqIYSl%2BkHjkkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bb5242e4efe7d76-LAX
desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/ 		401 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 28 Jun 2024 23:21:34 GMT
server
cloudflare
age
5407608
cf-polished
origSize=412232
etag
W/"667f457e-64a48"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
8bb5242cc8432ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		103 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
496407a868257811c83e93f49a9125bcd924669c8f49b42905435cd7d56479f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32508
x-xss-protection
0
server
cafe
etag
16 / 19965 / m202408260101 / config-hash: 2309242894128708444
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Aug 2024 13:31:28 GMT
elections-copie-3.jpg
i1.hespress.com/wp-content/uploads/2021/06/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2021/06/elections-copie-3.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2c8216eb3b8caacac68c607f1e8203b9f0f69aa57f55ab4d9c491e5965e01f4

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
cf-cache-status
HIT
age
1680
cf-polished
degrade=85, origSize=160270, status=webp_bigger
content-length
82405
cf-bgj
imgq:85,h2pri
last-modified
Tue, 08 Jun 2021 20:45:30 GMT
server
cloudflare
etag
"60bfd6ea-2720e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5242cc8442ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
ethiopie-militaire-armee.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/ethiopie-militaire-armee.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca59070ca4184b8dbb744ff9e1e548815df9f4615ee02d69b90fa46e8b51af69

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
cf-cache-status
HIT
age
4855
cf-polished
qual=85, origFmt=jpeg, origSize=89657
content-disposition
inline; filename="ethiopie-militaire-armee.webp"
content-length
50238
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 13:56:57 GMT
server
cloudflare
etag
"66d1cfa9-15e39"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5242cc8452ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 12:53:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6546
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Aug 2025 12:53:29 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 06:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 30 Aug 2025 06:32:26 GMT
script.min.js
i1.hespress.com/wp-content/themes/hespressar/js/ 		210 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 Jun 2024 23:21:34 GMT
server
cloudflare
age
5407738
etag
W/"667f457e-34973"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
8bb5242f0ae42ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://www.hespress.com/
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8bb5243198922f71-LAX
gtm.js
www.googletagmanager.com/ 		202 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8176500574bf8ad9ee7c0b0038728a43380b89beb3ace9a86ac32d2e898559d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73691
x-xss-protection
0
last-modified
Fri, 30 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Aug 2024 13:31:29 GMT
sprite.svg
www.hespress.com/wp-content/themes/hespressar/ 		215 KB
57 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300
cf-ray
8bb5242f0ae62ec1-LAX
expires
Fri, 30 Aug 2024 13:36:28 GMT
projectagora.min.js
palibzh.tech/libs/ 		386 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad7c056a84b856d1891583faacba535c3e8761654dadd0fa218902cb02d71eb

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HJTT0BEX9R7G1BWH
age
4990
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.34.1
alt-svc
h3=":443"; ma=86400
content-length
110046
x-amz-id-2
1KR9rRZyHwVybTsw8yum31Akl37A9VhtTWCdE8pUM8BhJRHLs8hwbjLfXRLQCnsWzf/s/zhtqkE=
last-modified
Wed, 28 Aug 2024 12:03:52 GMT
server
cloudflare
etag
"a593222610a8c0a326b820633b44c334"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFqhxgk5awvueFtdxDENWE3TF%2FFjFBrWoPYp7%2FrF1rLZ88d%2FaJtVt3jCukrL6fD45BX%2F7oC9HEi4roDgVwdo1934vZ7KsmJouCsQz9q5oDV6p6KrVYSA9UQ%2FedghFoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8bb524310dcf7d6b-LAX
sprite.svg
i1.hespress.com/wp-content/themes/hespressar/ 		215 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.52
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
261
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
8bb5242f9b712ec1-LAX
expires
Fri, 30 Aug 2024 13:36:28 GMT
shows-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespress/img/shows-bg.jpg
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
cf-cache-status
HIT
age
5005848
cf-polished
qual=85, origFmt=jpeg, origSize=125674
content-disposition
inline; filename="shows-bg.webp"
content-length
42292
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 15:00:22 GMT
server
cloudflare
etag
"64527706-1eaea"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5242fbb9d2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:28 GMT
cf-cache-status
HIT
age
1468471
cf-polished
origFmt=png, origSize=4471
content-disposition
inline; filename="placeholder.webp"
content-length
3412
cf-bgj
imgq:85,h2pri
last-modified
Sat, 14 Nov 2020 22:53:56 GMT
server
cloudflare
etag
"5fb06004-1177"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb5242fbb9e2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.52
Origin
https://www.hespress.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 06:25:03 GMT
server
cloudflare
age
14226063
etag
"5fcf1c3f-d360"
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52434cd942f44-LAX
content-length
54112
expires
Thu, 31 Dec 2037 23:55:55 GMT
hamza.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hamza.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe37752cde309f1f686617252fcbe9432d08e72c49e9e248268cffe20fe001a7

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
232161
cf-polished
qual=85, origFmt=jpeg, origSize=98877
content-disposition
inline; filename="hamza.webp"
content-length
81038
cf-bgj
imgq:85,h2pri
last-modified
Tue, 27 Aug 2024 22:02:09 GMT
server
cloudflare
etag
"66ce4ce1-1823d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f762ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
KIf.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/KIf.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ff1c3d1c49146d6664c1f466319044a248493275a42e7fc9b949788edf4c47

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
119580
cf-polished
degrade=85, origSize=158233, status=webp_bigger
content-length
58566
cf-bgj
imgq:85,h2pri
last-modified
Tue, 27 Aug 2024 21:52:10 GMT
server
cloudflare
etag
"66ce4a8a-26a19"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f7c2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
maroc.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/maroc.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4599d035693583167b496debdecfaf3c1d6affeb166a5a34c46cd39fa1c4cd

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
577323
cf-polished
qual=85, origFmt=jpeg, origSize=107133
content-disposition
inline; filename="maroc.webp"
content-length
73990
cf-bgj
imgq:85,h2pri
last-modified
Fri, 23 Aug 2024 21:40:48 GMT
server
cloudflare
etag
"66c901e0-1a27d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f7e2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
hakona-batata.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hakona-batata.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85ad4cddbf44e81505ede9fffe8cccdd44f4685007a9b410aeef1c5bd9e3f22

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
664096
cf-polished
qual=85, origFmt=jpeg, origSize=94921
content-disposition
inline; filename="hakona-batata.webp"
content-length
65374
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Aug 2024 22:37:18 GMT
server
cloudflare
etag
"66c7bd9e-172c9"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f7f2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hanane.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Hanane.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d4049b84b5928a84edbd20ef8df0a9959a2a91890857a79c1fd0e70770b587

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
750539
cf-polished
degrade=85, origSize=174114, status=webp_bigger
content-length
64554
cf-bgj
imgq:85,h2pri
last-modified
Wed, 21 Aug 2024 20:51:46 GMT
server
cloudflare
etag
"66c65362-2a822"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f802ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
mpox.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/mpox.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad8ac8587dc09a7d740f9e5a306544ebab546575962f7db937ad4e2ccdbd0f8

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
1096164
cf-polished
degrade=85, origSize=95568, status=webp_bigger
content-length
80808
cf-bgj
imgq:85,h2pri
last-modified
Sat, 17 Aug 2024 18:04:58 GMT
server
cloudflare
etag
"66c0e64a-17550"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f832ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
parking-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/parking-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
245bb37b86c200540b43846e6dacb832fcaed9bdf325732a00bf7c5f08439ffa

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
1182329
cf-polished
degrade=85, origSize=95705, status=webp_bigger
content-length
78006
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Aug 2024 20:04:46 GMT
server
cloudflare
etag
"66bfb0de-175d9"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f842ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
benaissa_ep7.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/benaissa_ep7.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684de390bc25cf90e6954aa0eaa0e501f332ff56db44e183bc7ad87b613b5de8

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
1263363
cf-polished
degrade=85, origSize=181097, status=webp_bigger
content-length
72966
cf-bgj
imgq:85,h2pri
last-modified
Fri, 16 Aug 2024 00:27:29 GMT
server
cloudflare
etag
"66be9cf1-2c369"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f862ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Maladie-rare.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Maladie-rare.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a678f2b1553dba269d1a9b5eaa6b319318deb25ec774e9701dfb8c5edc1754d

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
2833
cf-polished
qual=85, origFmt=jpeg, origSize=100837
content-disposition
inline; filename="Maladie-rare.webp"
content-length
79028
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 12:37:58 GMT
server
cloudflare
etag
"66d1bd26-189e5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f882ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Youabad-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Youabad-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60854517d9de70a5ccb71398c1c530df275a291550885127bfc6ea3a71c0be49

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
6468
cf-polished
qual=85, origFmt=jpeg, origSize=69074
content-disposition
inline; filename="Youabad-1.webp"
content-length
41036
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 13:47:56 GMT
server
cloudflare
etag
"66d1cd8c-10dd2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb524336f892ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
hlimi.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hlimi.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec8c2c88d96a4f64dc518a9efe505a01b6c9f98ae16b2bc81254e35d94aea24

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
9213
cf-polished
qual=85, origFmt=jpeg, origSize=63067
content-disposition
inline; filename="hlimi.webp"
content-length
34594
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 12:43:39 GMT
server
cloudflare
etag
"66d1be7b-f65b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dff52ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
foum-al-ansar.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/foum-al-ansar.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c92675ae4b9f554b0c032b104f69e559d6be67879b066ca7fbe5fd00d292b

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
11017
cf-polished
qual=85, origFmt=jpeg, origSize=78230
content-disposition
inline; filename="foum-al-ansar.webp"
content-length
50132
cf-bgj
imgq:85,h2pri
last-modified
Fri, 30 Aug 2024 12:07:01 GMT
server
cloudflare
etag
"66d1b5e5-13196"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dff62ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
hcp_hlimi.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/hcp_hlimi.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec87b0f93e3a2df465ead33e439b3a6a4e293575100dcec53305e5e1fce901a

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
62046
cf-polished
qual=85, origFmt=jpeg, origSize=46962
content-disposition
inline; filename="hcp_hlimi.webp"
content-length
25560
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 21:45:04 GMT
server
cloudflare
etag
"66d0ebe0-b772"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dff92ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
kenza.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/kenza.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b43b3c99e34e784044aaf0dfed1d0301506703eee2da14fffec4a5c954f84bd7

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
68055
cf-polished
degrade=85, origSize=100538, status=webp_bigger
content-length
85477
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 20:15:09 GMT
server
cloudflare
etag
"66d0d6cd-188ba"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dffa2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Baitas.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Baitas.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cc55bca7800937f0800a8804ab98ceca7068f9a5b8b1dd227efab6aef5d156c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
80480
cf-polished
qual=85, origFmt=jpeg, origSize=83010
content-disposition
inline; filename="Baitas.webp"
content-length
59336
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 17:04:57 GMT
server
cloudflare
etag
"66d0aa39-14442"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dffb2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Aziz-Akhannouch-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Aziz-Akhannouch-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad8f5e5e5a0772f8c3cc62d3845cdc771970552d3829dea131a58765439d545

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
86543
cf-polished
qual=85, origFmt=jpeg, origSize=109512
content-disposition
inline; filename="Aziz-Akhannouch-1.webp"
content-length
81312
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 15:26:29 GMT
server
cloudflare
etag
"66d09325-1abc8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dffd2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
INVEST.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/INVEST.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17cc494d88e4a15a21585336a997c0d88e7d0988e0ee195607d2c42c81ff97c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
1469034
cf-polished
qual=85, origFmt=jpeg, origSize=187725
content-disposition
inline; filename="INVEST.webp"
content-length
24034
cf-bgj
imgq:85,h2pri
last-modified
Mon, 12 Aug 2024 11:38:15 GMT
server
cloudflare
etag
"66b9f427-2dd4d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dffe2ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
bakkali.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/08/bakkali.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0eba8a5fa79a27e84ef8a8872a18c2dae010ddc9364d82640f65e3d6db42b5

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 14 Aug 2024 02:32:41 GMT
server
cloudflare
age
1428807
cf-polished
degrade=85, origSize=17247, status=webp_bigger
etag
"66bc1749-435f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433dfff2ec1-LAX
content-length
11272
expires
Thu, 31 Dec 2037 23:55:55 GMT
abdeslam-ahizoun1.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/08/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/08/abdeslam-ahizoun1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c141b9cdfaabac40c6baff5e3610a81949d592e8c48f2ca5230b90ab65f4592d

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
656516
cf-polished
qual=85, origFmt=jpeg, origSize=41584
content-disposition
inline; filename="abdeslam-ahizoun1.webp"
content-length
7900
cf-bgj
imgq:85,h2pri
last-modified
Tue, 13 Aug 2024 23:32:31 GMT
server
cloudflare
etag
"66bbed0f-a270"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433d8012ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
sccm-1.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/sccm-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540c91e25c979e4b0375c87818b560811e0540e834a86691667b093c8330ce7c

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
46184
cf-polished
degrade=85, origSize=120735, status=webp_bigger
content-length
82034
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 15:08:51 GMT
server
cloudflare
etag
"66d08f03-1d79f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433d8022ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
khannous-leicester-city.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/khannous-leicester-city.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1615289647bbb0c09a664f3384c64f448abacd93eaaf93e64703c1e25145e536

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
56134
cf-polished
qual=85, origFmt=jpeg, origSize=75480
content-disposition
inline; filename="khannous-leicester-city.webp"
content-length
42396
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 23:32:33 GMT
server
cloudflare
etag
"66d10511-126d8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433d8042ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
Champions-League.jpg
i1.hespress.com/wp-content/uploads/2024/08/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/08/Champions-League.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cfefbfb8c1be0555f5c618833ac3f6f543136765de0b91f032d233acebf9154

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:29 GMT
cf-cache-status
HIT
age
71575
cf-polished
qual=85, origFmt=jpeg, origSize=136613
content-disposition
inline; filename="Champions-League.webp"
content-length
86822
cf-bgj
imgq:85,h2pri
last-modified
Thu, 29 Aug 2024 19:35:59 GMT
server
cloudflare
etag
"66d0cd9f-215a5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8bb52433d8052ec1-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.hespress.com/ 		111 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/?weather_and_prayer
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
bb611f4a1847a0f1b876e27a4550e15756114f8143f621db1fe251d8090001aa

Request headers

Accept
*/*
Referer
https://www.hespress.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:30 GMT
content-encoding
br
x-nginx-cache
HIT US
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.13
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
8bb5243af8782ec1-LAX
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/ 		479 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
083e2c896a1125c9122ae8e75e0297d77602f86508c18522d001e3448817a748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 12:17:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
4454
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
152842
x-xss-protection
0
server
cafe
etag
9007519824101205236
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 30 Aug 2025 12:17:16 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e550fb9c80ac3fb2a887cb922047153600228d93664c58e34656eab38167802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104417
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Aug 2024 13:31:31 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Aug 2024 13:31:32 GMT
document-policy
force-load-at-top
x-fb-server-load
36
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58936
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
MODERATE; q=0.3, rtt=169, rtx=0, c=26, mss=1232, tbw=8174, tp=15, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
Jman0zBJOyzYp1K2E3aeks52B4xb1F9zth9XTjGAbs17ckIJIN1Q+yj72OvbllfEOzxdxhXRNtVogbpftvCcBQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 3015 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
15
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29367
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 13:31:17 GMT
expires
Fri, 30 Aug 2024 14:21:17 GMT
last-modified
Mon, 26 Aug 2024 19:48:13 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Aug 2024 13:31:32 GMT
x-content-type-options
nosniff
content-encoding
br
age
16160
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-lax-kwhp1940139-LAX
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 Jul 2024 14:14:53 GMT
server
nginx
etag
W/"668fe8dd-a6cc"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 31 Aug 2024 13:31:32 GMT
ob.js
cdn-ima.33across.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 27 Aug 2024 20:25:40 GMT
server
cloudflare
age
233297
etag
W/"66ce3644-43df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8bb52447fd98522b-LAX
expires
Mon, 02 Sep 2024 13:31:32 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 29 Aug 2024 19:46:34 GMT
content-encoding
gzip
age
63898
x-guploader-uploadid
AHxI1nNIXokKui95KZ2UFXrEcP2WXlcx6kke3uWktWV9oGGk4hDxDaUO4yAnX3OnNyam-Oqx8n3t5jFUDw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 29 Aug 2025 19:46:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3447617596174641&correlator=1906171499840243&eid=44809527%2C31085376%2C31084130%2C31086223%2C31086136&output=ldjh&gdfp_req=1&vrg=202408260101&ptt=17&impl=fif&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=1&didk=1711791774&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1725024691550&lmt=1725024600&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&td=1&egid=11930&tan=db39c91b-c0d6-4ec9-bbb1-50f8c7209ed0&tdf=2&topics=9&tps=9&htps=10&a3p=EhsKDDMzYWNyb3NzLmNvbRi-yu-bmjJIAFICCGQSGQoKcHViY2lkLm9yZxi6yu-bmjJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yu8rvm5oySABSAghkEhQKBW9wZW54GL7K75uaMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725024688012&idt=3295&adks=4098979368&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
7b8215fc04d88a31be4f07099474c58e6efebe9c6e0348131eac441b80375634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10399
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B56E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 13:31:32 GMT
expires
Fri, 30 Aug 2024 13:31:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		753 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3447617596174641&correlator=1906171499840243&eid=44809527%2C31085376%2C31084130%2C31086223%2C31086136&output=ldjh&gdfp_req=1&vrg=202408260101&ptt=17&impl=fif&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=2&didk=2462911251&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1725024691587&lmt=1725024600&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&td=1&egid=11930&tan=db39c91b-c0d6-4ec9-bbb1-50f8c7209ecf&tdf=2&topics=9&tps=9&htps=10&a3p=EhsKDDMzYWNyb3NzLmNvbRi-yu-bmjJIAFICCGQSGQoKcHViY2lkLm9yZxi6yu-bmjJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yu8rvm5oySABSAghkEhQKBW9wZW54GL7K75uaMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725024688012&idt=3295&adks=337753859&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
bfa89af84372a8b2d9cad3482f1ccf7da64d2e6218a4ac300d6a2307d85d12a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
331
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		749 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3447617596174641&correlator=1906171499840243&eid=44809527%2C31085376%2C31084130%2C31086223%2C31086136&output=ldjh&gdfp_req=1&vrg=202408260101&ptt=17&impl=fif&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=525783152&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1725024691594&lmt=1725024600&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6916&msz=1x-1&fws=0&ohw=0&td=1&egid=11930&tan=db39c91b-c0d6-4ec9-bbb1-50f8c7209ece&tdf=2&topics=9&tps=9&htps=10&a3p=EhsKDDMzYWNyb3NzLmNvbRi-yu-bmjJIAFICCGQSGQoKcHViY2lkLm9yZxi6yu-bmjJIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yu8rvm5oySABSAghkEhQKBW9wZW54GL7K75uaMkgAUgIIZA..&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725024688012&idt=3295&adks=432670791&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
1722b5c9b7809581afd845efa08efa77d621166eb1ac7185aedd6743722ed7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je48s0v869673765z878625843za200zb78625843&_p=1725024688414&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1275710024.1725024692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1725024691&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=4568
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 13:31:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=1275710024.1725024692&gtm=45je48s0v869673765z878625843za200zb78625843&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 13:31:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 8C2D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-P97QV0GBGK&gacid=1275710024.1725024692&gtm=45je48s0v869673765z878625843za200zb78625843&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1832970385
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 13:31:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
447079109144639
connect.facebook.net/signals/config/ 		72 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/447079109144639?v=2.9.166&r=stable&domain=www.hespress.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
0c3ce0dec7b676e77ce459b7d8e7b33f62f44f93dc123549cb3a7a1dd0a88d6d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Aug 2024 13:31:32 GMT
document-policy
force-load-at-top
x-fb-server-load
45
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14706
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=140, rtx=0, c=66, mss=1232, tbw=70782, tp=68, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
dd28lKDBZtRyRrkzzHRtqfdRcMA2nHBkQK4PNbG3z+vIDzsUK9TkOYTWUZP0wXoRTncqe7nBp/UnPHAUR/rryw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F&rid=esp&cc=1
85 B
194 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F&rid=esp&cc=1
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c596f27fe5a31aa7cc3607492a6baa0b2169397f830db4a9cbff3ae850abefc2

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 13:31:33 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-XXVOZ6rgZ5tx05NVv/zpBSdcfoU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hespress.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 30 Aug 2024 13:31:32 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.hespress.com
location
/esp?url=https%3A%2F%2Fwww.hespress.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1725024692604&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1725024692580.838392729210761458&cs_est=true&ler=empty&cdl=API_unavailable&it=1725024692293&coo=false&rqm=GET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=138, rtx=0, c=10, mss=1297, tbw=2824, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Aug 2024 13:31:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1725024692604&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1725024692580.838392729210761458&cs_est=true&ler=empty&cdl=API_unavailable&it=1725024692293&coo=false&rqm=FGET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Fri, 30 Aug 2024 13:31:33 GMT
document-policy
force-load-at-top
x-fb-server-load
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408924642581090195", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=138, rtx=0, c=10, mss=1297, tbw=3138, tp=-1, tpl=-1, uplat=61, ullat=0
pragma
no-cache
x-fb-debug
PjDW/iXZnjilyV3FZx3cwYp3kKDt1qjq7YM9lt0NP8bwh3Zt0w8DjlRZr8cESxYIAz/bZeDCSJZrupuSgjrf/A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408924642581090195"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
container.html
db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8EED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408260101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 13:31:32 GMT
expires
Fri, 30 Aug 2024 13:31:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame AEA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hespress.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Aug 2024 13:31:33 GMT
server
Kestrel
server-processing-duration-in-ticks
339013
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
pd
google-bidout-d.openx.net/w/1.0/ Frame 1DB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
452
content-type
text/html
date
Fri, 30 Aug 2024 13:31:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je48s0v869673765za200zb78625843&_p=1725024688414&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1275710024.1725024692&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1725024691&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=ad_impression&ep.query_id=CL_7g-DpnIgDFfOVywEd1SoAiA&_et=1259&tfd=10862
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.hespress.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 13:31:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| refreshAds object| googletag object| dataLayer object| TWAGORAINARTICLE object| firebase object| config function| downloadAdsenseAtOnload object| notificationApp string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| ggeac object| google_tag_data object| google_js_reporting_queue function| iFrameResize object| ProjectAgora object| google_tag_manager function| fbq function| _fbq object| __cfBeacon object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| ox_esp object| _33across object| pbjs object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_156 object| Criteo object| Criteo_identitytag_156 function| arrive function| unbindArrive function| leave function| unbindLeave

24 Cookies

Domain/Path Name / Value
.hespress.com/ Name: _ga
Value: GA1.1.1275710024.1725024692
.hespress.com/ Name: _fbp
Value: fb.1.1725024692580.838392729210761458
.hespress.com/ Name: _ga_P97QV0GBGK
Value: GS1.1.1725024691.1.0.1725024692.59.0.0
.openx.net/ Name: i
Value: 72b3d0de-c0ac-46ca-b3a2-2ff00259c2d1|1725024692
.hespress.com/ Name: __gads
Value: ID=ada28ec7c8c84e50:T=1725024692:RT=1725024692:S=ALNI_Mab9IebLApdOAwcW76XrbMmpvEFAA
.hespress.com/ Name: __gpi
Value: UID=00000ed8edc7e194:T=1725024692:RT=1725024692:S=ALNI_Ma9GqEznWdqbLLDMeQw4g3XhfdmrA
.hespress.com/ Name: __eoi
Value: ID=bef2f99692291e39:T=1725024692:RT=1725024692:S=AA-Afjbr9JD9bpyreHyPLCOBG-Bq
.openx.net/ Name: pd
Value: v2|1725024694|vMgavPkWgy
.criteo.com/ Name: uid
Value: 34831d21-5226-4519-872d-c5523dde900b
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUkUdQbvhe6KZ1U3T3sM5GirFf04QEhMM05vVHgGHW8l_HUFXAuNd0qZbCdI
.doubleclick.net/ Name: APC
Value: AfxxVi4P1KxXNwU5-zKTTcudbW7rp_BKRvDcbHIe9X0ql5hEgVUWLQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: CMID
Value: ZtHJt9HM4bMAAEcwAEhrYgAA
.casalemedia.com/ Name: CMPS
Value: 2497
.casalemedia.com/ Name: CMPRO
Value: 2497
.adsrvr.org/ Name: TDID
Value: 70ec840d-d033-48d8-91df-4515ac48a4f6
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiC0uHN2cCkPRAFOAE.
.yahoo.com/ Name: A3
Value: d=AQABBLfJ0WYCEHwnj9h5ucATflgqZ8KASmoFEgEBAQEb02bbZgAAAAAA_eMAAA&S=AQAAAnuKRJPVwHCyxX4RdOSwWcI
.amazon-adsystem.com/ Name: ad-id
Value: A-V3j-_YZUxrs_qExVCZkv8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.hespress.com/ Name: cto_bundle
Value: rCCw2V9LQXdKbVpRQjB2UG1sS0R6WW8yZTd4RkVYJTJGNW1XNlRUQ0ZiJTJGN0xzcUpqVnVaQ0VIVEs3N2Y1NHNncU9vSHRWS0gwbGR1WVRkYnZHMzZYVkclMkZTQmdTV3VxRkJxR2hYbGZCUWRrNElLa1I0V2NocW9GRHZEbGw3UHdhU0xwS29HVWVhRlNPbm9IbDZOZmxhUDN2c2M3cEg4Mjh2eVFma2liU2JMdXNUY0RNJTJGSSUzRA
.doubleclick.net/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn-ima.33across.com
cdn.jsdelivr.net
connect.facebook.net
db10c2942937ea8ce03a4eec968339fe.safeframe.googlesyndication.com
google-bidout-d.openx.net
gum.criteo.com
i1.hespress.com
oa.openxcdn.net
oajs.openx.net
pahter.tech
palibzh.tech
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.googletagmanager.com
www.gstatic.com
www.hespress.com
104.18.35.167
142.250.65.226
157.240.241.1
172.67.138.21
172.67.181.58
2606:4700::6810:4f49
2606:4700::6812:16c4
2606:4700::6812:17c4
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80a::2001
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::2003
2620:100:a00b::12
2620:100:a00b::4
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::485
34.102.146.192
34.120.107.143
34.98.64.218
05d4049b84b5928a84edbd20ef8df0a9959a2a91890857a79c1fd0e70770b587
083e2c896a1125c9122ae8e75e0297d77602f86508c18522d001e3448817a748
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
0c3ce0dec7b676e77ce459b7d8e7b33f62f44f93dc123549cb3a7a1dd0a88d6d
1615289647bbb0c09a664f3384c64f448abacd93eaaf93e64703c1e25145e536
16be413330bc623ba0e70a989f2757fa2f18cb12efa140a6368a0b5b09b59df7
1722b5c9b7809581afd845efa08efa77d621166eb1ac7185aedd6743722ed7a0
1ad8f5e5e5a0772f8c3cc62d3845cdc771970552d3829dea131a58765439d545
1c0eba8a5fa79a27e84ef8a8872a18c2dae010ddc9364d82640f65e3d6db42b5
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
1cfefbfb8c1be0555f5c618833ac3f6f543136765de0b91f032d233acebf9154
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
245bb37b86c200540b43846e6dacb832fcaed9bdf325732a00bf7c5f08439ffa
276dfaa2390543f63fe63b939b9c8d33768b297b93b433330c9648cf97c5c6cf
2e550fb9c80ac3fb2a887cb922047153600228d93664c58e34656eab38167802
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3cc55bca7800937f0800a8804ab98ceca7068f9a5b8b1dd227efab6aef5d156c
496407a868257811c83e93f49a9125bcd924669c8f49b42905435cd7d56479f1
4a678f2b1553dba269d1a9b5eaa6b319318deb25ec774e9701dfb8c5edc1754d
540c91e25c979e4b0375c87818b560811e0540e834a86691667b093c8330ce7c
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
60854517d9de70a5ccb71398c1c530df275a291550885127bfc6ea3a71c0be49
684de390bc25cf90e6954aa0eaa0e501f332ff56db44e183bc7ad87b613b5de8
7ad7c056a84b856d1891583faacba535c3e8761654dadd0fa218902cb02d71eb
7b8215fc04d88a31be4f07099474c58e6efebe9c6e0348131eac441b80375634
80e01801427f0d94cc90efb6408471821837ca9404ce3bf385033f0958075e3d
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a2ab36c83d5d55e311fbf787dbc7de0a17b89eb0b30b1772f518a79db334001
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
8ec8c2c88d96a4f64dc518a9efe505a01b6c9f98ae16b2bc81254e35d94aea24
9c4599d035693583167b496debdecfaf3c1d6affeb166a5a34c46cd39fa1c4cd
a01529fb33b0c4ae0a1c4017a26a24641d2109386d0655bb1252d2ac8474af3e
a2c8216eb3b8caacac68c607f1e8203b9f0f69aa57f55ab4d9c491e5965e01f4
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b43b3c99e34e784044aaf0dfed1d0301506703eee2da14fffec4a5c954f84bd7
b4a073272c87a95c418d0b18a9a0abaa777530ba4fd1c3ef91b6e1344f1e41be
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
bb611f4a1847a0f1b876e27a4550e15756114f8143f621db1fe251d8090001aa
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
bfa89af84372a8b2d9cad3482f1ccf7da64d2e6218a4ac300d6a2307d85d12a6
c141b9cdfaabac40c6baff5e3610a81949d592e8c48f2ca5230b90ab65f4592d
c27c92675ae4b9f554b0c032b104f69e559d6be67879b066ca7fbe5fd00d292b
c596f27fe5a31aa7cc3607492a6baa0b2169397f830db4a9cbff3ae850abefc2
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
c85ad4cddbf44e81505ede9fffe8cccdd44f4685007a9b410aeef1c5bd9e3f22
ca59070ca4184b8dbb744ff9e1e548815df9f4615ee02d69b90fa46e8b51af69
cec87b0f93e3a2df465ead33e439b3a6a4e293575100dcec53305e5e1fce901a
d17cc494d88e4a15a21585336a997c0d88e7d0988e0ee195607d2c42c81ff97c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff1c3d1c49146d6664c1f466319044a248493275a42e7fc9b949788edf4c47
e8176500574bf8ad9ee7c0b0038728a43380b89beb3ace9a86ac32d2e898559d
fad8ac8587dc09a7d740f9e5a306544ebab546575962f7db937ad4e2ccdbd0f8
fe37752cde309f1f686617252fcbe9432d08e72c49e9e248268cffe20fe001a7