www.hespress.com Open in urlscan Pro
2606:4700::6812:17c4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9...
Effective URL:
https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9...
Submission: On March 02 via manual (March 2nd 2024, 7:56:54 pm UTC) from EG — Scanned from DE

Summary HTTP 137 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 27 domains to perform 137 HTTP transactions. The main IP is 2606:4700::6812:17c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 597325.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2023. Valid for: a year.

This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2606:4700::68... 2606:4700::6812:17c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:16c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:b53a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:5ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	104.68.68.28 104.68.68.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.19.120.9 2.19.120.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.244.18.79 18.244.18.79	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:217... 2600:9000:2171:a600:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2.22.40.43 2.22.40.43	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.66.95.67 3.66.95.67	16509 (AMAZON-02) (AMAZON-02)
137	41

20 2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:16c4 (United States)

ASN13335 (CLOUDFLARENET, US)

i1.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:b53a (United States)

ASN13335 (CLOUDFLARENET, US)

pahter.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5ea5 (United States)

ASN13335 (CLOUDFLARENET, US)

palibzh.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.68.68.28 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a104-68-68-28.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.120.9 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-9.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-79.fra56.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:a600:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.22.40.43 (Liljeholmen, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: a2-22-40-43.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.95.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-95-67.eu-central-1.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161	443 KB
23	hespress.com www.hespress.com — Cisco Umbrella Rank: 597325 i1.hespress.com — Cisco Umbrella Rank: 437586	1 MB
17	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 ad.doubleclick.net — Cisco Umbrella Rank: 158	276 KB
10	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1086 cdn.flashtalking.com — Cisco Umbrella Rank: 1356 ad-events.flashtalking.com — Cisco Umbrella Rank: 1417 stat.flashtalking.com — Cisco Umbrella Rank: 1457 secure.flashtalking.com — Cisco Umbrella Rank: 2588	102 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 397	207 KB
8	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2656 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647 www.google.com — Cisco Umbrella Rank: 2	124 KB
4	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3277 data.ad-score.com — Cisco Umbrella Rank: 2910	165 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	191 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 466 mug.criteo.com — Cisco Umbrella Rank: 3065	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2186 google-bidout-d.openx.net — Cisco Umbrella Rank: 2171	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6744	669 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	264 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1700 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1470	29 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 256	2 KB
2	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	21 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	6 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1845	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1235	6 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 677	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	1 KB
1	palibzh.tech palibzh.tech — Cisco Umbrella Rank: 49819	103 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
1	pahter.tech pahter.tech — Cisco Umbrella Rank: 383877	3 KB
137	27

	Domain	Requested by
20	i1.hespress.com	www.hespress.com i1.hespress.com
17	pagead2.googlesyndication.com	www.hespress.com pagead2.googlesyndication.com securepubads.g.doubleclick.net 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.hespress.com 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com googleads.g.doubleclick.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com www.hespress.com
5	securepubads.g.doubleclick.net	www.hespress.com securepubads.g.doubleclick.net
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google.com	1 redirects www.hespress.com tpc.googlesyndication.com
3	stat.flashtalking.com
3	data.ad-score.com	js.ad-score.com
3	cdn.flashtalking.com	ajs-assets.ftstatic.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	www.google.de	www.hespress.com
3	www.googletagmanager.com	www.hespress.com www.googletagmanager.com
3	www.hespress.com	www.hespress.com static.cloudflareinsights.com
2	ad-events.flashtalking.com
2	ib.adnxs.com	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	fonts.gstatic.com	www.hespress.com
2	www.facebook.com	www.hespress.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.hespress.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	connect.facebook.net	www.hespress.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	www.hespress.com
1	secure.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	servedby.flashtalking.com	0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
1	ad.doubleclick.net	0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
1	lh3.googleusercontent.com	www.hespress.com
1	fonts.googleapis.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.hespress.com
1	region1.analytics.google.com	www.googletagmanager.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	palibzh.tech	pahter.tech
1	static.cloudflareinsights.com	www.hespress.com
1	pahter.tech	www.hespress.com
137	45

This site contains links to these domains. Also see Links.

Domain
fr.hespress.com
en.hespress.com
www.twitter.com
bit.ly
www.instagram.com
www.facebook.com
www.tiktok.com
www.linkedin.com
twitter.com
telegram.me
api.whatsapp.com
hes.press
jobs.hespress.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-08` - `2024-05-07`	a year	crt.sh
pahter.tech GTS CA 1P5	`2024-02-16` - `2024-05-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
palibzh.tech GTS CA 1P5	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Frame ID: F35F50AF2D4AC7B6015456A836657DCD
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 2CD1CC1D275C2476F1DFEF82720D85CE
Requests: 1 HTTP requests in this frame

Frame: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 36973C7E2ECC5A1C67BC0597EA802280
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hespress.com
Frame ID: 5F2D0FE75359AFEED5DADD8803FC5A79
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 54B130757981182429BEC0BD1C0600C1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 787AAEFE2EBDC65374A9D278167B593D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94DDEF3D2794FF866B3DC17977F73B5A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022402141842000/amp4ads-v0.mjs
Frame ID: 683A1BE19829641A27F7D082F9023172
Requests: 12 HTTP requests in this frame

Frame: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3332819EDE5084A20DE5C148E168CCB0
Requests: 36 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022402141842000/amp4ads-v0.mjs
Frame ID: 29DBDDD539FA389945FE9CE06CE1E880
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYv5SkiQIwAQ&v=APEucNWiZDv_1iSOz7qr_wZPphsLIDoY2g6pXibXFqtr9AYpAozqE5RGcU_jgfw02h8Nm5JcT1vBtGtHRNUCFjwGk2xFxnSGS6rGw60QdAfTK2PFgoGjEr20ePcWUCr_nAdsdzmgWR0NLfRPZNdEy9H_yBlvRD5g-6aZPB5-vR012yCpNuTjaBo
Frame ID: 02ECE53FA6F0D7E1E4514D7545787FC1
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 158B29D3B44C41D9C00C2DFE5070D1A3
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3042DF581A82A6145E321F3DEF6BB66A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

هذه عشرة مزاعم تشكّك في حقيقة هبوط الإنسان على سطح القمر

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

137
Requests

93 %
HTTPS

67 %
IPv6

27
Domains

45
Subdomains

41
IPs

5
Countries

3188 kB
Transfer

8173 kB
Size

25
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://fr.hespress.com/?utm_source=hespress_ar&utm_medium=web

Search URL Search Domain Scan URL

URL: https://en.hespress.com/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Hespress/

Search URL Search Domain Scan URL

URL: https://bit.ly/2nSBfHS

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hespress/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Hespress/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hespress

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hespress/

Search URL Search Domain Scan URL

URL: https://en.hespress.com/?utm_source=hespress_ar&utm_medium=web
Title: النسخة الإنجليزية

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hespress.com/501390-501390.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.hespress.com/501390-501390.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.hespress.com/501390-501390.html&title=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%B3%D8%B7%D8%AD%20%D8%A7%D9%84%D9%82%D9%85%D8%B1&summary=&source=

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?text=https://www.hespress.com/501390-501390.html

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.hespress.com/501390-501390.html

Search URL Search Domain Scan URL

URL: https://hes.press/Whatsapp
Title: تابعوا آخر الأخبار من هسبريس على WhatsApp

Search URL Search Domain Scan URL

URL: https://hes.press/telegram
Title: تابعوا آخر الأخبار من هسبريس على Telegram

Search URL Search Domain Scan URL

URL: https://jobs.hespress.com/jobs/Careers
Title: وظائف شاغرة

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&rid=esp&cc=1

Request Chain 56

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hespress.com&sn=ChromeSyncframe&so=0&topUrl=www.hespress.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=IfdgFnxoaTdza3MzazFnejhVMzVUclJ4NnJQL0RIRllNWk1UYW0rcUZyRndqR0duVGh6Y3hFeGxsKzFyVnhPVXBndXoveXZ4MkEwWllKQzdxYitNU1RrZ2hnRXl3dXpUNHpQWGREYWZxbkh4MisrSVM3dkpHaUtxbFVoMUNFTnhDSk9SdDIyWXYvd3dlZXBZa0hjNlJNbWE4WkttQStENDRVTHpEbUV5NGhzOHo5WmdhcmlhemR3M01DcHZGci9PVkc1eGFudmxNVE9sZ2JqbnlOUTFRM2RHSFFCUEp3Yys3bVVueTRFRFBjejJLNWcvVDIrL2l2K3FGV1g3dVhXQnFMVUZ3OFk5eU83c1F6MElsQmIwcmNaOHVBQT09fA&cppv=2

Request Chain 101

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeOEgrmqPfAAAERsAHwQLAAA

Request Chain 103

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0ODAxODEwODI5ODkzNzU1Ng%3D%3D

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

137 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request %D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%... Show response
www.hespress.com/ 234 KB
41 KB 441ms
326ms Document
text/html 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.13
Resource Hash: 4a9f4910c6a0d7c0072e9ee4a3c30c44c2a386774a2563eec910d484df0abcde

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: MISS
cf-ray: 85e3f3a90db1bb9e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 02 Mar 2024 19:56:44 GMT
last-modified: Sat, 02 Mar 2024 19:56:44 GMT
link: <https://www.hespress.com/?p=501390>; rel=shortlink
server: cloudflare
vary: Accept-Encoding
x-nginx-cache: HIT DE
x-powered-by: PHP/7.4.13

GET
H2 200 Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 34 KB
35 KB 170ms
68ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
server: cloudflare
age: 8112485
etag: W/"6567ba7a-89c8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 85e3f3abbc309b7d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 207ms
106ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
server: cloudflare
age: 8112485
etag: W/"6567ba7a-8bd4"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 85e3f3abbc349b7d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 167ms
67ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
server: cloudflare
age: 8112485
etag: W/"6567ba7a-8cc8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 85e3f3abbc359b7d-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hespress.com.js Show response
pahter.tech/c/ 8 KB
3 KB 171ms
58ms Script
application/javascript 2606:4700:3035::ac43:b53a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pahter.tech/c/hespress.com.js
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b53a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MYJ2V2XMRV18H7XD
age: 3321
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 2289
x-amz-id-2: iq1WdgoekbciPg1k7WWDGbTxKj2JjQYWTrIzB2Y6/B6iyFy+Y7Q+ZTtQc1sQfZMCJRuB7EvS//zBvwgEEDgW1g==
last-modified: Thu, 08 Feb 2024 12:06:52 GMT
server: cloudflare
etag: "3f02c9d26139d05930116dc637a9e68e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8mrkcuGtw21enF%2BGHkHqXwHvyDzTV8V%2BiW0HsM1AF6fBDAWVxspXG1Cz02HpaiwzbOAD%2FpmMr0voV%2BZdpjn1pJON6AkX14STkVa1mQsxOkRVGOsDw6wyFziGHpRCWG70RdaIXPB%2Bc2q4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e3f3abdaf8006f-CDG

GET
H2 200 desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/ 397 KB
58 KB 78ms
62ms Stylesheet
text/css 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.36
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35a8ec056421aefaad319ace767fe7a10253b921d79359d761a4b34b03f4f2c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 02 Jan 2024 22:11:40 GMT
server: cloudflare
age: 5175669
cf-polished: origSize=408542
etag: W/"65948a1c-63bde"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 85e3f3ab3faebb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 204ms
82ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3df638beb2341056683a71fb246b3d24688c845b622f08f28344bae7b0931ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28874
x-xss-protection: 0
server: cafe
etag: 295 / 19784 / m202402220101 / config-hash: 7305879754805612343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 19:56:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 173ms
84ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c01d23be1ebedd7314eb8f71b8f1e0ac374599f0296cbda0a4c287959d8e21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51319
x-xss-protection: 0
server: cafe
etag: 15147687698816754976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 02 Mar 2024 19:56:44 GMT

GET
H2 200 lune_5_745151418.jpg
i1.hespress.com/wp-content/uploads/2019/06/ 56 KB
56 KB 418ms
402ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2019/06/lune_5_745151418.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb207176fe05cce5fe9ddc0d4a4da4a3373b7fb3637c7755144f9dfb318db83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
cf-cache-status: MISS
last-modified: Wed, 11 Nov 2020 15:56:37 GMT
server: cloudflare
etag: "5fac09b5-df26"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3ab3fafbb9e-FRA
content-length: 57126
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
88 KB 155ms
67ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

720e75d6bed0c3967e44fc2e0cb6c98588d70d91f637a6738caf90468e89fca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90127
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 18:31:04 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 19:56:44 GMT

GET
H2 200 sprite.svg
www.hespress.com/wp-content/themes/hespressar/ 215 KB
54 KB 60ms
60ms Other
image/svg+xml 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.36
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fa512a905398f4207dcf41492073815b663fb62a7f6862ee94c9e03abdab84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 19:17:18 GMT
server: cloudflare
age: 231
etag: W/"654fd33e-35dbb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=300
cf-ray: 85e3f3aba81fbb9e-FRA
expires: Sat, 02 Mar 2024 20:01:44 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.2.0/ 20 KB
7 KB 134ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 14:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6546
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 17:24:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Feb 2025 14:39:41 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.2.0/ 40 KB
11 KB 137ms
44ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10840
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 17:24:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 08:53:58 GMT

GET
H2 200 script.min.js Show response
i1.hespress.com/wp-content/themes/hespressar/js/ 208 KB
68 KB 71ms
71ms Script
application/javascript 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.36
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbd98296c77f155a1d0fdef5e6db50c02939aefbfe9072f1234f9c46d322f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 18:41:28 GMT
server: cloudflare
age: 5175758
etag: W/"653c0458-3412d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 85e3f3abe83ebb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 184ms
78ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85e3f3ac89a18c43-FRA

GET
H2 200 projectagora.min.js Show response
palibzh.tech/libs/ 367 KB
103 KB 177ms
59ms Script
application/javascript 2606:4700:3033::6815:5ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://palibzh.tech/libs/projectagora.min.js
Requested by: Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b23472e2bff7d48bca2a06c3833be94e69186ad328f255cb5af1392245d9597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0VZKBN1BHDQ1Q19X
age: 2546
x-amz-server-side-encryption: AES256
x-amz-meta-version: 3.21.0
alt-svc: h3=":443"; ma=86400
content-length: 104464
x-amz-id-2: VaDY56BR+GMHydXjVsFsRbF8aTNj8QohTSdiAcGQvp2AbNZFo4Q0pm5akZgq8vA97JSHlj6TqfbOD8fswwEeXA==
last-modified: Mon, 19 Feb 2024 09:11:44 GMT
server: cloudflare
etag: "9fecdab9742b580abbed8a42a238c497"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSousIyTuBtHy%2FGhAXgtBa%2B2U76TTPnLSWsvpVHlIVTX4IC6snTdUQpoVdRD7zlA5nFJcueOdUhx7%2FwnJKFCXcECfeXx%2FCBmzZWS2PC6GTisr4D2xI%2FDuefYLCFY0gi6kmoGK%2BNph53Or%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 85e3f3acfc372a10-CDG

GET
H2 200 sprite.svg
i1.hespress.com/wp-content/themes/hespressar/ 215 KB
53 KB 64ms
63ms Image
image/svg+xml 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.36
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fa512a905398f4207dcf41492073815b663fb62a7f6862ee94c9e03abdab84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 11 Nov 2023 19:17:18 GMT
server: cloudflare
age: 204
etag: W/"654fd33e-35dbb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 85e3f3ac589cbb9e-FRA
expires: Sat, 02 Mar 2024 20:01:44 GMT

GET
H2 200 placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/ 3 KB
4 KB 55ms
55ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by: Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 768281
cf-polished: origFmt=png, origSize=4471
content-disposition: inline; filename="placeholder.webp"
content-length: 3412
cf-bgj: imgq:85,h2pri
last-modified: Sat, 14 Nov 2020 22:53:56 GMT
server: cloudflare
etag: "5fb06004-1177"
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3ac589ebb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pollution.jpg
i1.hespress.com/wp-content/uploads/2023/06/ 81 KB
81 KB 55ms
52ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2023/06/pollution.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102a92df231a74d7132955778a96df33e9dfe95ede05981232701c48256d3f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 57173
cf-polished: degrade=85, origSize=231672, status=webp_bigger
content-length: 83102
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Jun 2023 18:19:39 GMT
server: cloudflare
etag: "647e273b-388f8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd8f8bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ocp-nairobi.jpeg
i1.hespress.com/wp-content/uploads/2024/02/ 81 KB
82 KB 65ms
63ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/02/ocp-nairobi.jpeg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661d5bdd23011926cace11441035954ad3be35c79febfd9afa6619508faa1ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 189267
cf-polished: origSize=86338, status=webp_bigger
content-length: 83455
cf-bgj: imgq:85,h2pri
last-modified: Thu, 29 Feb 2024 16:10:30 GMT
server: cloudflare
etag: "65e0ac76-15142"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd8fabb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Corinne-Lepage.jpeg
i1.hespress.com/wp-content/uploads/2024/02/ 74 KB
75 KB 65ms
63ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/02/Corinne-Lepage.jpeg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456ed66365f66c7374c30584910448fd4f545657ef853e77bd4e916ac1076d17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 230055
cf-polished: qual=85, origFmt=jpeg, origSize=158572
content-disposition: inline; filename="Corinne-Lepage.webp"
content-length: 76104
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 23:11:04 GMT
server: cloudflare
etag: "65dfbd88-26b6c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd8fbbb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Benslimane-Ouverture-d-une-rencontre-sur-les-changements-climatiques.jpg
i1.hespress.com/wp-content/uploads/2024/02/ 81 KB
81 KB 65ms
63ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/02/Benslimane-Ouverture-d-une-rencontre-sur-les-changements-climatiques.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b5e0bf97c02918eae5524366e6c46e8ec74dadb1d829b336c8af4f7759ab10a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 244474
cf-polished: qual=85, origFmt=jpeg, origSize=277063
content-disposition: inline; filename="Benslimane-Ouverture-d-une-rencontre-sur-les-changements-climatiques.webp"
content-length: 82662
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 21:58:47 GMT
server: cloudflare
etag: "65dfac97-43a47"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd8fdbb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 femmes-copy.jpg
i1.hespress.com/wp-content/uploads/2024/03/ 21 KB
21 KB 95ms
93ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/03/femmes-copy.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 553f2ddf290e1a66520c264bfaf67ecbd6381dc82829eaf16cbb381e5e77ae13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 5054
cf-polished: degrade=85, origSize=35560, status=webp_bigger
content-length: 21273
cf-bgj: imgq:85,h2pri
last-modified: Sat, 02 Mar 2024 19:17:15 GMT
server: cloudflare
etag: "65e37b3b-8ae8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd8ffbb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wac-copy.jpg
i1.hespress.com/wp-content/uploads/2024/03/ 60 KB
60 KB 61ms
59ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/03/wac-copy.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a1d73683d6ce7a8bc03f9f108167f2ab92454a53785dfb404144f20fa0c416

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 8653
cf-polished: degrade=85, origSize=72321, status=webp_bigger
content-length: 60948
cf-bgj: imgq:85,h2pri
last-modified: Sat, 02 Mar 2024 18:59:31 GMT
server: cloudflare
etag: "65e37713-11a81"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd900bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nossakh.jpg
i1.hespress.com/wp-content/uploads/2024/03/ 26 KB
26 KB 65ms
63ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/03/nossakh.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16630437c59d975269a8cd9bcebb1def73a4a25299621b2d39928f77f7843e67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 8619
cf-polished: degrade=85, origSize=42455, status=webp_bigger
content-length: 26931
cf-bgj: imgq:85,h2pri
last-modified: Sat, 02 Mar 2024 18:35:46 GMT
server: cloudflare
etag: "65e37182-a5d7"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd901bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Driss-Lachgar.jpg
i1.hespress.com/wp-content/uploads/2024/03/ 22 KB
23 KB 65ms
64ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/03/Driss-Lachgar.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d58fda5932607f606fce9090e1868343badf37438b3d1cd6e39c6a449e9a25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 23534
cf-polished: qual=85, origFmt=jpeg, origSize=49286
content-disposition: inline; filename="Driss-Lachgar.webp"
content-length: 22948
cf-bgj: imgq:85,h2pri
last-modified: Sat, 02 Mar 2024 15:23:10 GMT
server: cloudflare
etag: "65e3445e-c086"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd903bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Asmaa-Rhlalou.webp
i1.hespress.com/wp-content/uploads/2024/03/ 28 KB
29 KB 58ms
57ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/03/Asmaa-Rhlalou.webp
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fc8348abd57ac4a13d67c8c60148a70cd991bc0b24be3b532b0ccce9a1fff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
last-modified: Sat, 02 Mar 2024 12:46:07 GMT
server: cloudflare
age: 26624
etag: "65e31f8f-71ea"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd906bb9e-FRA
content-length: 29162
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Laayoune.jpg
i1.hespress.com/wp-content/uploads/2024/03/ 53 KB
54 KB 64ms
64ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/03/Laayoune.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07f591eab839a18c075683c53d5181a78025c6257ad3326721cb081062786cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:44 GMT
cf-cache-status: HIT
age: 30204
cf-polished: qual=85, origFmt=jpeg, origSize=78556
content-disposition: inline; filename="Laayoune.webp"
content-length: 54636
cf-bgj: imgq:85,h2pri
last-modified: Sat, 02 Mar 2024 12:32:17 GMT
server: cloudflare
etag: "65e31c51-132dc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3acd908bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/ 405 KB
137 KB 181ms
101ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true&bust=31081529

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdeb6bb5b9bc1fdb658c97aeb0391507202864100e29b557792bdfa300164446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140537
x-xss-protection: 0
server: cafe
etag: 271521552232764865
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 19:56:45 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame 2CD1 9 KB
4 KB 132ms
39ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4127
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 18:47:58 GMT
etag: 5035419970550746386
expires: Sat, 16 Mar 2024 18:47:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23211
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 02 Mar 2025 13:29:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
92 KB 76ms
76ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6311e2dcedc88f85b6d4c82ce201c7a926440f7da4739b9b9a08bbba33c8bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Mar 2024 19:56:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Mar 2024 19:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 516
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Mar 2024 21:48:09 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 85ms
85ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-338591081&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01232ad7a86604d14559bf0c1144d12e297a8dac1275a3ce48e89563f7705035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85517
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 18:31:04 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Mar 2024 19:56:45 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 408ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 02 Mar 2024 19:56:45 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: Y8vbrsowi6WfXuYPW9bPxyOdiDvkmNyJt1YCMyY6KxgNOtBmTXb0Nj83rrkeH//i82jbKCYrxGQngKdT5yO/xQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 forum-international-bensliman-4.jpg
i1.hespress.com/wp-content/uploads/2024/02/ 46 KB
47 KB 55ms
55ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2024/02/forum-international-bensliman-4.jpg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e768f8e392f5a9fe62c8e48754bc8f577bef5e98eefd7a25b69517811c1633

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
cf-cache-status: HIT
age: 266009
cf-polished: qual=85, origFmt=jpeg, origSize=105311
content-disposition: inline; filename="forum-international-bensliman-4.webp"
content-length: 47548
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 17:46:00 GMT
server: cloudflare
etag: "65df7158-19b5f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3aecaa3bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 oasis.jpeg
i1.hespress.com/wp-content/uploads/2022/05/ 119 KB
120 KB 57ms
57ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.hespress.com/wp-content/uploads/2022/05/oasis.jpeg
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caffe6734833ae02d7fa5a4386362603f66bfbd1a03e4041efd2d250657d1189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
cf-cache-status: HIT
age: 284048
cf-polished: degrade=85, origSize=251622, status=webp_bigger
content-length: 122183
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 May 2022 15:04:58 GMT
server: cloudflare
etag: "6288ff9a-3d6e6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 85e3f3aecaa4bb9e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 142ms
47ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14041
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230065-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHCx0KTaK3c0BR1X82OZOR67RGJaPaqKTTybpa%2FXg6%2FaOEX9cQzLJBCFap37RjmdEVYNVVVvUvgSoNKdvHf4lCHMPEDl%2FjC%2BhzGxOKG373l8fRJ%2FD0pTpx0N0m4GejOwsQ%2FFp98laikIkNRrRvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85e3f3b00d9e4da4-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 164ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 27 Feb 2024 07:13:11 GMT
server: nginx
etag: W/"65dd8b87-a5db"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 03 Mar 2024 19:56:45 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 120ms
40ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Feb 2024 19:54:16 GMT
server: cloudflare
age: 171179
etag: W/"65ce6be8-42fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 85e3f3afe9096a75-TXL
expires: Tue, 05 Mar 2024 19:56:45 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 129ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 17 Feb 2024 05:53:26 GMT
content-encoding: gzip
age: 1260199
x-guploader-uploadid: ABPtcPqo5Z0m2cOyr5yC8BuYs_0fezW40bVygVNwwmitTQvABMcpaTYtmyxcuZIJBEUCujATmw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 16 Feb 2025 05:53:26 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 222 KB
84 KB 3000ms
2999ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=819895365435208&correlator=4022604531643269&eid=31079956%2C31081518&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fifs&iu_parts=153418548%2Cbill_hespress%2Cpave_article_mobile_hespress%2Ccode_hespress%2Cpave_hespress&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230%7C1x1%2C216x36%7C1x1%7C300x50%7C320x50%7C250x250%7C300x250%7C300x100%7C336x280%7C200x200%7C300x75%7C320x100%7C216x54%7C300x600%2C1x1%2C320x50%7C300x250%7C300x600%7C300x480&fluid=0%2C0%2C0%2Cheight&ifi=3&didk=3487055549~2717970316~525783152~3701273382&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709409405328&lmt=1709409404&adxs=315%2C830%2C1599%2C296&adys=150%2C1246%2C31542%2C426&biw=1600&bih=1200&scr_x=0&scr_y=445&btvi=0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&vis=1&psz=1366x282%7C654x2716%7C1600x31542%7C300x20&msz=970x250%7C654x0%7C1x-1%7C300x20&fws=4%2C4%2C0%2C4&ohw=1366%2C654%2C0%2C300&ga_vid=1254823005.1709409405&ga_sid=1709409405&ga_hid=2097600812&ga_fc=false&a3p=EhsKDDMzYWNyb3NzLmNvbRiNk_aF4DFIAFICCGQSGQoKcHViY2lkLm9yZxiMk_aF4DFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YjZP2heAxSABSAghkEhQKBW9wZW54GI2T9oXgMUgAUgIIZA..&dlt=1709409404640&idt=657&cust_params=category%3Dsciences-nature&adks=486685395%2C2353568213%2C3257146107%2C3711263976&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45ae471288ce1c1dd64e40c430fc1eba6854f9a3fcbd496cb70dbbca56b702bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85839
x-xss-protection: 0
google-lineitem-id: -1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hespress.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3697 6 KB
3 KB 198ms
71ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 19:56:45 GMT
expires: Sun, 02 Mar 2025 19:56:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 163ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je42t1v869673765z878625843za220&_p=1709409404732&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1254823005.1709409405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709409405&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html&dt=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%B3%D8%B7%D8%AD%20%D8%A7%D9%84%D9%82%D9%85%D8%B1&en=page_view&_fv=1&_ss=2&tfd=1193
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 150ms
49ms Ping
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=1254823005.1709409405&gtm=45je42t1v869673765z878625843za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 163ms
74ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=1254823005.1709409405&gtm=45je42t1v869673765z878625843za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=621449126

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/338591081/ 4 KB
2 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/338591081/?random=1709409405410&cv=11&fst=1709409405410&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9173939124z878625843za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&hn=www.googleadservices.com&frm=0&tiba=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20&npa=0&pscdl=noapi&auid=350217376.1709409405&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-338591081&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d42ac5d37664515177461acd1032d930c471de5c03e4fa2f188b2290ab2b7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1446
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
210 B 47ms
46ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2097600812&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&ul=en-us&de=UTF-8&dt=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%B3%D8%B7%D8%AD%20%D8%A7%D9%84%D9%82%D9%85%D8%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAACAAI~&jid=1548991801&gjid=610759137&cid=1254823005.1709409405&tid=UA-1423316-1&_gid=209043034.1709409405&_r=1&_slc=1&gtm=45He42t1n8153HHGG5v78625843za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=1213837808

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hespress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA...
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA...

85 B
194 B

215ms
214ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&rid=esp&cc=1
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 7c1814a98e79797e90003d9940338ee9ae246089907017da9083b68c88e50d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:48 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-Bj/tv4JxotGky+mNOVM8UqxooKE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hespress.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 02 Mar 2024 19:56:45 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.hespress.com
location: /esp?url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 65ms
48ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1423316-1&cid=1254823005.1709409405&jid=1548991801&gjid=610759137&_gid=209043034.1709409405&_u=YADAAAAAAAAAACAAI~&z=1335661935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hespress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Mar 2024 19:56:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-9809098668305457 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 2807ms
2716ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true&bust=31081529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

647f6dd66bd584237f3a057869cdb8d9994a083b5dc296d894e6c137c2b5fefe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-THbzsHWyvM9BSP12l6zUUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:45 GMT
content-security-policy: script-src 'report-sample' 'nonce-THbzsHWyvM9BSP12l6zUUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytHikmJw1ZBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pKJ5-tLJgkg1gDiHT4eLHzrprOqALHu-umsoUAc83w6awoQO6XPYA0CYp_6GawxQCzEw_G3o289m8CHE-f3MQEAPOMy2A"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 2794ms
2704ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1423316-1&cid=1254823005.1709409405&jid=1548991801&_u=YADAAAAAAAAAACAAI~&z=849117106

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 74ms
73ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1423316-1&cid=1254823005.1709409405&jid=1548991801&_u=YADAAAAAAAAAACAAI~&z=849117106

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/338591081/ 42 B
455 B 140ms
52ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/338591081/?random=1709409405410&cv=11&fst=1709406000000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9173939124z878625843za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&frm=0&tiba=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqFy92TrKi4wOjJQJGT0S5iOnpXXoGnw&random=626089085&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/338591081/ 42 B
154 B 50ms
50ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/338591081/?random=1709409405410&cv=11&fst=1709406000000&bg=ffffff&guid=ON&async=1&gtm=45be42t1v9173939124z878625843za201&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&frm=0&tiba=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqFy92TrKi4wOjJQJGT0S5iOnpXXoGnw&random=626089085&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5F2D 14 KB
6 KB 2778ms
2692ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.hespress.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 19:56:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 470306
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 447079109144639 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 2645ms
2644ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/447079109144639?v=2.9.148&r=stable&domain=www.hespress.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d662aa0894fbd9805153551b06b9cbaf83df52234bd395913c0b03f7539c6a29

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 02 Mar 2024 19:56:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12869
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: yc1L67+Cz8hntgKi1hBa2y/4oZOhI4Jx4ujoH61XOxfmNe5rBK9TGHfOUnbthpLSthMfSksKpfx91G40cgKuKg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5F2D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=hespress.com&sn=ChromeSyncframe&so=0&topUrl=www.hespress.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=IfdgFnxoaTdza3MzazFnejhVMzVUclJ4NnJQL0RIRllNWk1UYW0rcUZyRndqR0duVGh6Y3hFeGxsKzFyVnhPVXBndXoveXZ4MkEwWllKQzdxYitNU1RrZ2hnRXl3dXpUNHpQWGREYWZxbkh4MisrSVM3dkpHaUtxbFVoMU...

427 B
652 B

127ms
104ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IfdgFnxoaTdza3MzazFnejhVMzVUclJ4NnJQL0RIRllNWk1UYW0rcUZyRndqR0duVGh6Y3hFeGxsKzFyVnhPVXBndXoveXZ4MkEwWllKQzdxYitNU1RrZ2hnRXl3dXpUNHpQWGREYWZxbkh4MisrSVM3dkpHaUtxbFVoMUNFTnhDSk9SdDIyWXYvd3dlZXBZa0hjNlJNbWE4WkttQStENDRVTHpEbUV5NGhzOHo5WmdhcmlhemR3M01DcHZGci9PVkc1eGFudmxNVE9sZ2JqbnlOUTFRM2RHSFFCUEp3Yys3bVVueTRFRFBjejJLNWcvVDIrL2l2K3FGV1g3dVhXQnFMVUZ3OFk5eU83c1F6MElsQmIwcmNaOHVBQT09fA&cppv=2

Requested by

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

754746b540a3f56d30cbde61a18df32e543b35a368187bbdfe9b85c876b68367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2546824
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=IfdgFnxoaTdza3MzazFnejhVMzVUclJ4NnJQL0RIRllNWk1UYW0rcUZyRndqR0duVGh6Y3hFeGxsKzFyVnhPVXBndXoveXZ4MkEwWllKQzdxYitNU1RrZ2hnRXl3dXpUNHpQWGREYWZxbkh4MisrSVM3dkpHaUtxbFVoMUNFTnhDSk9SdDIyWXYvd3dlZXBZa0hjNlJNbWE4WkttQStENDRVTHpEbUV5NGhzOHo5WmdhcmlhemR3M01DcHZGci9PVkc1eGFudmxNVE9sZ2JqbnlOUTFRM2RHSFFCUEp3Yys3bVVueTRFRFBjejJLNWcvVDIrL2l2K3FGV1g3dVhXQnFMVUZ3OFk5eU83c1F6MElsQmIwcmNaOHVBQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 283141
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 202ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&rl=&if=false&ts=1709409408359&sw=1600&sh=1200&v=2.9.148&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1709409408357.1149582013&cs_est=true&ler=empty&cdl=API_unavailable&it=1709409405697&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 02 Mar 2024 19:56:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 201ms
42ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=447079109144639&ev=ViewContent&dl=https%3A%2F%2Fwww.hespress.com%2F%25D9%2587%25D8%25B0%25D9%2587-%25D8%25B9%25D8%25B4%25D8%25B1%25D8%25A9-%25D9%2585%25D8%25B2%25D8%25A7%25D8%25B9%25D9%2585-%25D8%25AA%25D8%25B4%25D9%2583%25D9%2591%25D9%2583-%25D9%2581%25D9%258A-%25D8%25AD%25D9%2582%25D9%258A%25D9%2582%25D8%25A9-%25D9%2587%25D8%25A8%25D9%2588%25D8%25B7-%25D8%25A7%25D9%2584%25D8%25A5%25D9%2586-501390.html&rl=&if=false&ts=1709409408361&cd[content_name]=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%B3%D8%B7%D8%AD%20%D8%A7%D9%84%D9%82%D9%85%D8%B1&cd[content_category]=%D8%A8%D9%8A%D8%A6%D8%A9%20%D9%88%D8%B9%D9%84%D9%88%D9%85&cd[content_ids]=%5B%22501390%22%5D&cd[content_type]=article&sw=1600&sh=1200&v=2.9.148&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1709409408357.1149582013&ler=empty&cdl=API_unavailable&it=1709409405697&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 02 Mar 2024 19:56:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 AGSKWxUPlRLO9HqJgzqpe_kv9LN5-NWYxIaxKMaAqChZgG3_YVERt5CuHs99QFXtpexLGNsrIKiAZVCUPdi9pAze53pUcVbUY6FO5JpycNy6m7B86Jp3AM3qH_GQDeFjSI6ghJ441fA2 Show response
fundingchoicesmessages.google.com/f/ 412 KB
61 KB 158ms
157ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUPlRLO9HqJgzqpe_kv9LN5-NWYxIaxKMaAqChZgG3_YVERt5CuHs99QFXtpexLGNsrIKiAZVCUPdi9pAze53pUcVbUY6FO5JpycNy6m7B86Jp3AM3qH_GQDeFjSI6ghJ441fA2?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NDA5NDA4LDU1NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyVEOSU4NyVEOCVCMCVEOSU4Ny0lRDglQjklRDglQjQlRDglQjElRDglQTktJUQ5JTg1JUQ4JUIyJUQ4JUE3JUQ4JUI5JUQ5JTg1LSVEOCVBQSVEOCVCNCVEOSU4MyVEOSU5MSVEOSU4My0lRDklODElRDklOEEtJUQ4JUFEJUQ5JTgyJUQ5JThBJUQ5JTgyJUQ4JUE5LSVEOSU4NyVEOCVBOCVEOSU4OCVEOCVCNy0lRDglQTclRDklODQlRDglQTUlRDklODYtNTAxMzkwLmh0bWwiLG51bGwsW1s4LCJ2enJOdkhRLWN5byJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjU5OTJdLG51bGwsNl0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwQF2fskyAOycMmVP1q4f6hVo0GBQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3a442af03e6d2bbb0c23624af19fcbfd0ea30d98747c1518880a6923f24c937

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hgvhiyaau-VZ6_r9fAOhYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-hgvhiyaau-VZ6_r9fAOhYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykonn60smCSDWAOIdPh4sfOums6oAse766ayhQBzzfDprChA7pc9gDQJin_oZrDFALMTD0dDZt55NoONBw3EmAPmCLLg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 54B1 199 B
298 B 139ms
51ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Sat, 02 Mar 2024 19:56:48 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 107 KB
6 KB 149ms
59ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwyFLpNKY2V7TORlzEb8_ENYoGtZQ/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Mar 2024 19:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Mar 2024 19:56:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Mar 2024 19:56:48 GMT

GET
H2 200 uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/ 6 KB
6 KB 139ms
43ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 18:29:52 GMT
x-content-type-options: nosniff
age: 5216
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5847
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 03 Mar 2024 18:29:52 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 03:51:57 GMT
x-content-type-options: nosniff
age: 317092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 03:51:57 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 190ms
99ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Origin: https://www.hespress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 05:34:50 GMT
x-content-type-options: nosniff
age: 310919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 05:34:50 GMT

POST
H3 204 AGSKWxUz8gtK8tggiHlsrxAUDS1obRpBiEw9WpyprcuKDA9DstrcWygLbUfu3MrXs6j5LV-YgXvTdlUwM9AjpwsKoATtnwXYd5y46yAPfYQM6sGJjgvXaFkocBbpjhfJHHSA1BdDtMc3 Show response
fundingchoicesmessages.google.com/el/ 0
29 B 138ms
57ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUz8gtK8tggiHlsrxAUDS1obRpBiEw9WpyprcuKDA9DstrcWygLbUfu3MrXs6j5LV-YgXvTdlUwM9AjpwsKoATtnwXYd5y46yAPfYQM6sGJjgvXaFkocBbpjhfJHHSA1BdDtMc3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KkFud75mrRQlzQ-uPgYXQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 02 Mar 2024 19:56:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-KkFud75mrRQlzQ-uPgYXQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrAFALMTN0djZt55NYMeOU-YAd1wQlw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.hespress.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 91ms
90ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402220101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf3ee9b99ae5f5166d4236a08c089fe0f330f770e9cd74bf4a0f1c604997eb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12400
x-xss-protection: 0

POST
H2 204 rum Show response
www.hespress.com/cdn-cgi/ 0
206 B 84ms
83ms XHR
text/plain 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hespress.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/json

Response headers

date: Sat, 02 Mar 2024 19:56:49 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.hespress.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85e3f3c8398abb9e-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 203ms
92ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Mar 2024 19:56:49 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 787A 13 KB
5 KB 48ms
37ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 19:03:12 GMT
expires: Sun, 02 Mar 2025 19:03:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 94DD 829 B
976 B 55ms
46ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3acadaf7daa178ab4df04dab1ce46251fc789c345add6766e179e5654615c0a0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-02oixFbrLoM-sPrB7IqP-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-02oixFbrLoM-sPrB7IqP-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 19:56:49 GMT
expires: Sat, 02 Mar 2024 19:56:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022402141842000/ Frame 683A 196 KB
55 KB 212ms
91ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd340a22d066096c8205215c648257266f1a22434f2baade482c66ae1cdea5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Feb 2024 14:25:41 GMT
age: 192668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56170
x-xss-protection: 0
server: sffe
etag: "fe5e9babf54d2335"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Feb 2025 14:25:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 683A 15 KB
5 KB 323ms
203ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc3e54f2e0b07f6437c7c475d148a59198ce17bd84a0090ab22f1b5a87ce0ec1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "ae4cb610c3042176"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 683A 95 KB
28 KB 318ms
199ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f813fed51f3e6c62b912269015f0737f66bcec2fa1874b01e412019605e04c76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29038
x-xss-protection: 0
server: sffe
etag: "8d4d68f6a2b21b4a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 683A 5 KB
2 KB 320ms
200ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92d6310bc776e8d30d2f968e743573cfb3b4c5c9d9585871456eb3178e931ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1905
x-xss-protection: 0
server: sffe
etag: "ac735918f76dd725"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 683A 40 KB
13 KB 320ms
201ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8d158cdf273df068eb8394b499cc78e19d7706ed618a7ea2137c3f611a3f70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12939
x-xss-protection: 0
server: sffe
etag: "5ef8b8f9268955f6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
DATA 200
OK truncated
/ Frame 683A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5c84032feeb4a43c1b7b844d1e5fd0ed9933abe164853c0ce19c1295afe887b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3332 6 KB
3 KB 43ms
41ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 19:56:45 GMT
expires: Sun, 02 Mar 2025 19:56:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022402141842000/ Frame 29DB 196 KB
56 KB 138ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbd340a22d066096c8205215c648257266f1a22434f2baade482c66ae1cdea5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 29 Feb 2024 14:25:41 GMT
age: 192668
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56170
x-xss-protection: 0
server: sffe
etag: "fe5e9babf54d2335"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Feb 2025 14:25:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 29DB 15 KB
5 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc3e54f2e0b07f6437c7c475d148a59198ce17bd84a0090ab22f1b5a87ce0ec1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "ae4cb610c3042176"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 29DB 95 KB
28 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f813fed51f3e6c62b912269015f0737f66bcec2fa1874b01e412019605e04c76

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29038
x-xss-protection: 0
server: sffe
etag: "8d4d68f6a2b21b4a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 29DB 5 KB
2 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d92d6310bc776e8d30d2f968e743573cfb3b4c5c9d9585871456eb3178e931ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1905
x-xss-protection: 0
server: sffe
etag: "ac735918f76dd725"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022402141842000/v0/ Frame 29DB 40 KB
13 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022402141842000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8d158cdf273df068eb8394b499cc78e19d7706ed618a7ea2137c3f611a3f70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Feb 2024 21:50:48 GMT
age: 338761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12939
x-xss-protection: 0
server: sffe
etag: "5ef8b8f9268955f6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 26 Feb 2025 21:50:48 GMT

GET
DATA 200
OK truncated
/ Frame 29DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e132e9cca86d497a40d8d93ec8d419d2d49a3d4fbc776c4443f99130c397a512

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 683A 3 KB
3 KB 43ms
42ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 06:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 47556
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2737
x-xss-protection: 0
expires: Sun, 03 Mar 2024 06:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 683A 344 B
587 B 42ms
41ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 21:51:44 GMT
x-content-type-options: nosniff
server: cafe
age: 79505
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 02 Mar 2024 21:51:44 GMT

GET
DATA 200
OK truncated
/ Frame 683A 49 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ced47af1aaa15d93da54d1ee71296e49020ef94e73419a8dd787e9ebc4fa7312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 683A 153 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eccd9069b97456feb2f393e414c86ab2060a0ea5d57ba1faa18f18d61b53f21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 683A 151 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6289476e42f5aeebbee07f8637d0747000103d5ca84f3b82fa443c1876459e4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 17841931707407620347
tpc.googlesyndication.com/daca_images/simgad/ Frame 29DB 41 KB
41 KB 45ms
44ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17841931707407620347

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

249488523612d4bb9f2f1ed33a3e5db6b27ed544901d8d2d262f025f81b9c8ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 28 Feb 2025 06:07:49 GMT
date: Thu, 29 Feb 2024 06:07:49 GMT
x-content-type-options: nosniff
age: 222540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41738
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 13:44:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 29DB 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ar.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 06:44:13 GMT
x-content-type-options: nosniff
server: cafe
age: 47556
etag: 9421415325968714010
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2737
x-xss-protection: 0
expires: Sun, 03 Mar 2024 06:44:13 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 29DB 344 B
402 B 43ms
43ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 21:51:44 GMT
x-content-type-options: nosniff
server: cafe
age: 79505
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 02 Mar 2024 21:51:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 02EC 624 B
246 B 81ms
78ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYv5SkiQIwAQ&v=APEucNWiZDv_1iSOz7qr_wZPphsLIDoY2g6pXibXFqtr9AYpAozqE5RGcU_jgfw02h8Nm5JcT1vBtGtHRNUCFjwGk2xFxnSGS6rGw60QdAfTK2PFgoGjEr20ePcWUCr_nAdsdzmgWR0NLfRPZNdEy9H_yBlvRD5g-6aZPB5-vR012yCpNuTjaBo

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Mar 2024 19:56:49 GMT
expires: Sat, 02 Mar 2024 19:56:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3332 93 KB
33 KB 92ms
89ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 19:56:49 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3332 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGME-7hFdBYpH7NR6gK3VyZEDTG_nVDuk2G651WmM9vB_gfN2eGx0pyL0mBu-XqChJ56CxVv1VRfeFjkPQBoOEJWePdcbYXIxByBqOywxZKJUiXg4

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 3332 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 11:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 11:22:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 3332 20 KB
8 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 09:42:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 09:42:49 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3332 207 KB
63 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Mar 2024 20:32:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 94DD 0
0 71ms
70ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402220101&jk=819895365435208&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 787A 40 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 13:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Mar 2025 13:32:24 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 02EC 170 B
409 B 167ms
57ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYv5SkiQIwAQ&v=APEucNWiZDv_1iSOz7qr_wZPphsLIDoY2g6pXibXFqtr9AYpAozqE5RGcU_jgfw02h8Nm5JcT1vBtGtHRNUCFjwGk2xFxnSGS6rGw60QdAfTK2PFgoGjEr20ePcWUCr_nAdsdzmgWR0NLfRPZNdEy9H_yBlvRD5g-6aZPB5-vR012yCpNuTjaBo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 02EC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeOEgrmqPfAAAERsAHwQLAAA

170 B
232 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeOEgrmqPfAAAERsAHwQLAAA

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ki8Y2ChLaQUEx0RSwsfi49OK7g77hW3gHn%2FhKpYTY%2BnIDkvUCKzhBAVGPcKl%2FiuojHUvt0GcHBA3T3VvfwgJhWnvbVPI2vE2SWVo%2FflT7qfqNezrEyb2Tni44uMaefjgwtCuDtUC3H1MJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZeOEgrmqPfAAAERsAHwQLAAA
cache-control: no-cache
cf-ray: 85e3f3cd0ffd6a75-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 02EC 170 B
232 B 147ms
58ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 02EC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0ODAxODEwODI5ODkzNzU1Ng%3D%3D

170 B
232 B

53ms
52ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0ODAxODEwODI5ODkzNzU1Ng%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
an-x-request-uuid: 5cabab07-350a-46d4-a0f9-c04ec7714a1c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0ODAxODEwODI5ODkzNzU1Ng%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3332 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8681930591333&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3332 0
20 B 70ms
70ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8681930591333&version=m202401290101&ct=77&x=1&cor=17088123318176852000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3332 35 KB
20 KB 96ms
91ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5IFypmX5n-O27W-v2n8Fzu9p-5-tRXuYlz3AT5Z3muHvjQD9lbqFvBRVJJy6efTNFFE324gwasVSaIREMo8xrpw7z4WZjlEjRhGqyGvrs9peSrH4PcHlXC4DaZFMBJrMQ_H4l3bln2be8b8dJLxFBr_z1Wd_bkp8WPdg9SeqSUyr01zI2Il5C5Sf-IPEwAfI1MyWdoSst91Kpnj-c_VESLq8oIA&cry=1&dbm_d=AKAmf-AVtvYxx7z6dY01wbFYCfDYrr_L5hVeUvSHCpryoMPxTHHeNCY7sVlW5Eivkv8Pxk8ZxpVyyR5DnSuQDC6QvKvChfdZmdTEeV_96ueN3EJKhRGZgplCLeYnJYk5-PVv5orQFc7lQ7J7lE6I6fUyKcw-FHxy_TAUnr-DRzUich-F6gPs-ISNzLlv3ZKL7xIPLFIx_T8sgZKasDYvrLxpUq_rLLWzm35FpCraP83xyebCEwbyrvKgb-knlU_gO2ZCjEG-UZfkv31tbfPDwBKFUQWWTLMld87cfGnUieYKiNIOe3DbOejftg11ueO18sY5H7VRqBgn4mu1yBVx8H3XnPGt8dybYS1xbPAUJMU6PdLlj9M3X7YrqM0-wAQZ6wrNASy-DBJ8KTOu5zr7OrGYV0wE4N4gjtY48x2YirZsLmChJ3sxzQZqcDpbUGZgO8KD8cCtFaCA2JTGtquSxwtgNIIlIFV5TWst5vQrlsSX4TQv9US8KezZU6Vl1-JRa5aUB7Bwd8MfL8tlz6wMhKuAgxKp43hxlEdeaknR-11F6FSn6etEGD1C0F6JIQp0-582lGyvMW5qTVTbWVXdancECCyFzT-yuiW2cUMwz0vkb7pZjAMCf9ObGwsoMaeSrtJl_VYBsEwF0Rd09dwQBUPXQSORZh5lpXHUJkSjQr5ZAOIfbCLRFst_ybfmM3IOji5Vo5JfUg0nurSN5LoXBXswlSnytWrbYhSl5eJZNp4UIWjOGDbckZsXEj6hvrKrEwsIKYogLhnQ83KbDrqk22DKi2qIuRUAASIVdDJuwDsGTSQLey13a6DdSSR9Th3yLmhvFejr1QxpFsXQo49BYMRoUQ6kzisYGeZpAkmtszAtE1jsknyHl4yn_VfcCvMLShXUMo7CCsE3cBXx9XG4UI88yEcbaMIe3AZSryOlsZfnEbfRrgeSAhDGmoQKhdPX9eQa6GiPN5aH8eNAimFsEoinT9CRtm1bzoQ1w-OkaBSjzyu59LS4ZXNSEA_ilDTBS9xgJCYsujtAuGjQZjMaNWGg16xgja8cjoPNxynIi0VazQYdwELEvkNntPoNhNcld9Y7h0ledAQEL-CQuUFEmfssB3V-2XIWMExbkBHfuDNc7GspbAn7vAtbFOWUBC4FR51iYCLqy5YWufUmHrDNYYgmjuu4nw_mPZ4dPmpTKnsW4EnHOydQuIbvySA_sQsEOC7T3B8MWPOh9tyzPuUC484sE3mKnGAq-5ygpQIz9pfpBVR4HDnTcqS6S6aUilbey-zb2YN41vKad-KZIG3aC4Yix1JDqGQNLjOKhYOPiHugTmEl42fusRzONU5Kx6MXQX1T-LHv4nDlmjG3xeyD1SPMGg-kdPnEzfCLV_Zz4DTYdjJwWH7iAbco-K9jLQWVwMoaZVGAkpSDbn8qapbhYVUHaJN3tEpKmdVWUi35pG1_fkTr2CkNislRL_ZQngJsXPYkDDjCVIsvBhxHNZr1DK8X8puCrAafWGRfrNaljU6K6Bz4pTnK3zr8KnS_HnJmfN6O4yo6QUSMgWraVy6Cwva9j7XrL5nLSPHV18MfLdB23vCNQWauLdA-uGSBnhXc0h_JY233FJYA2zLFNB5QzsA2N8q6bBc4l5IFGZ2TWKP7ZPuxwGKwKeoCrEtmMUDgF7uKxjkcb1ZBhIpCl5SZgA4EIOBNkX9MQmkQWYzfMe3VmExrUTq2yaCCYK-GMquKSP9fOF-59-Y-n3TxdZnklRyQCQaWcu2XvyJTASgcMRK8coyk2CKweV4PtpqMubb1e-GziyCqJgTlzKK4K5kYf7RMQfIR9o6CufF0yUcK2OSBXKqGSdZuJo9UssIqnEQl_FIDZJYXbtgZ6qN7SERhyqCFIr4goGoU8jeZ3igo5jc3iZ8WXo4sxaJgBICR3BXucYoqXmDwVAwoQo4imwK7a-Db7U9_ldC1PbaC38w43xK3OKrSkgWz7lmvf5gQ2PKFRwltJ-DafgDwu0OiAmWvlD15ZNQliLqFwMvdTalO7Oo0Gn0f4N_74EsqE5K1UJgX_Jk40PYSKJbsf7NvWZM5yRJ6_TSRNV2pnaPh_rCH8VuE4XKCk9QyyYgKSkomQxBzlu_SuJtZkAwEJIQeaPv8Rf4pPnfy749YSyFWuugscmPsd_grJ4Bs0iYgbDPNtsFtWjf3AW1IF-qEOdZKi94AhrfCS5Ix-trUXXt1B9nSeiolNdyOA9uZduvvF1FSsXsa3QzwR380t1lNwMEBk5k2yLexHsLSUI8G01gLWrYu9DbjldC_8oxibT5jIvloDfLdz4W82-u_Mbnph-bQ_F0gL8l-_tgvgkMgwXi4Jg_MWepOA8QFGw1rPCKlWNiMKNDo2A3UG9NmLm1Iw0qlRLlzZwaTljsAcO_7GxnKfqER9UcvhcC8NO7HQ_e1OPeeszawm1T4fvPrzQEf9kaQEf4z5EScYBK6XjmtGIIFgYp8lcqwhFZ0ok9EoSTWlIRip7vWPjd5F2ub_-qcBQDFDBWK9nX4my1siljF9G8_aFVS2jycc_ogJCK-VfqErBhqixWDqhwxt6aqL3awup0WMC3AQugot5VRaxcmfj8Y7tdD_nejf2_7BufpN3NSbYMq0AvbNKTEuJpheJbBBFew2x0BKDbtD-Mcp6SCX-WEtVLgIxcbPW1VHSIHfLNRw_7wGqchCh7leQB9dsNKJg7_boXjqdzDhpgdvg1q_Jl9fGIIfpIYGGhx1yELF32BrrZ_pfGJQKuu49zm-O15CU_f5d1gANAAbFtcftQOfMzZSOoC7YI2jtIC7XpwGUda1ElUqXXYe_fNQEt3bT-2NnAfXgqDI_mhsr3hMuKwW6aCjuQY2WKI_qSqvo3-5FH-Lwqo7_it3cAZMi6w45s3p8nOcmxGYC9m_466FoEe15ykR2lCOxnO0nAXl5o3U3-i7KTaY9bwE1o3EAfmTlr6yVQDiZXbCPNnQAMXsgWghiS8o3To5-EP2ySXVkXlFnewB5hopy7AEHe00u_eJj5Py92mL68gCAZrvkQAHGfhXJUxMX47am07O-KIxnAn_H8MYsDnDDude2ytjQmH0A27OkeFl95aJR4BrkSmGEXFJTtXkZJR9HlF4Iu-39TVBiKlCAyLAdGZBB3BAiW0Dzu9_rV72NQJBxmHzcwsV_9INKE_DsnrX8oNcotAF_xbVSyaKW_A-2aJVcoJYj2LAP5a7dDH6Vs9DowRz5DrDwHXQKbA6ZKk1oIU8AIMB22a0cewvAYzeGQW89JGE_KjNfuAsKgOCHjJMPtSZTShh2d52IHXdIDvsxTSG0KJAIDEDZHNDszqzUocHJucc_4m1xxsPN4So_TruOXY2LCReU6BL2Jn16vJV82aw4E7oqrbV-uLbKwLzUReehjJEjyCI7ZWy_pWEGDUgBb29dgt9vOFQtgXXFrJUa9FYPQcJe6Pjh5kee-KTMMRn-miVNDOeiY0fVxIFxjdSiMZI6OcYTJaE4rO81v-oOTN2OmpwkdfZ_rq1YynJTrfcs-rpvK55nS85CSKzYuijZJQdt31Kt2ALunPVlG4mTSzA_ZYlopW58-pR9ms33z4Ko93hH2TJT6DVY8C6kAMD2cLMdJnhJ0v0sWSEb9qjZ4X7jcU-JPGQUFO_KERisKF5PFjzJisDIzt0ltJERviBWLfnfFuGwR5vMkTevV5-j4Yn3XrtKq3ExyTIuGRVItCB-KA5dYoEe6lBe34V9qf3RkOhA7FjibYOx6PcfT6WzDPxwOiMQYWbxT23PLEEzKaDNJxXkFy_lAo7m4zetF8FfMobPxofacFBoEnLIjjzTS06vGGtZshtcmNemnIl5NVGc5Ik7HII_6IihaQQWT5svwgTq2XuV9llTasaBjTbNadzrA3T5byAW6Fw9A6P9p8NARDT6C34qo9sGFzUw9-8Wr985YQkNAsUVTLfXMC9jbDbpZ_Sxmtc8MyaI85UvZOSpluzJkH8fla6miEobTB4bBp87SwDYar3Q95j0aXppJJoXRc8hgE0UjIJHlrkxImCdHxZMAPrGIdpiKr_fMjvDFsHfHA8eo9O62WtbAv8nAz3zE8j2ya75tj0E0uvZ7B7NyqXmp3geGXrkk1R3kuK1xyP5_8ALlf6QkXa-oD1bpB4O9SROsqNR8jupFMvyqhpl23xfiPTXTRghQYirWEAy8SegGnctE41oSaFk4uTjVB0-7Ai9m4SJ_o3PfIB6m1z7wrTtonbhZRjP_sosNf1IAlDlghhoF7e4fGqcPaaJgl8H3IloyXokvr2sLnVsL02IWTfRFK-4Ea51aFHwl_62BJrppMT_uoDp2GiDTHTumtf1jweaQKEIEOAm2MN2oGrFUH7HR7_TfEbjpuFxIZSzLpcNWvT_0uk2gF-EMLwa3pXhFidI4pt8syFNQG5zhHEU9NtSKV4oXL9Ne5OsJKqiRanl7nGFBb-xjnn70xD9tOVQdK_nKUlWc&cid=CAQSTgB7FLtqk702ydilQJLqmpz43fl4I-CKyXTuofr0DSrhty-1YXGo5-PNxjjw11FW3T7AVszeBvESMwKUKnLAkswvb6BZdXl-8TTmVsxiJxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.hespress.com%2F&ds=l&xdt=1&iif=1&cor=17088123318176852000&adk=3690638928&idt=111&cac=0&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcf38769e82670c017d65448fbc2f57654573c06a50500671fb5c264265f1d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20458
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 29DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

51ms
51ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H3
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Redirect headers

date: Sat, 02 Mar 2024 19:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 3332 30 KB
11 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5IFypmX5n-O27W-v2n8Fzu9p-5-tRXuYlz3AT5Z3muHvjQD9lbqFvBRVJJy6efTNFFE324gwasVSaIREMo8xrpw7z4WZjlEjRhGqyGvrs9peSrH4PcHlXC4DaZFMBJrMQ_H4l3bln2be8b8dJLxFBr_z1Wd_bkp8WPdg9SeqSUyr01zI2Il5C5Sf-IPEwAfI1MyWdoSst91Kpnj-c_VESLq8oIA&cry=1&dbm_d=AKAmf-AVtvYxx7z6dY01wbFYCfDYrr_L5hVeUvSHCpryoMPxTHHeNCY7sVlW5Eivkv8Pxk8ZxpVyyR5DnSuQDC6QvKvChfdZmdTEeV_96ueN3EJKhRGZgplCLeYnJYk5-PVv5orQFc7lQ7J7lE6I6fUyKcw-FHxy_TAUnr-DRzUich-F6gPs-ISNzLlv3ZKL7xIPLFIx_T8sgZKasDYvrLxpUq_rLLWzm35FpCraP83xyebCEwbyrvKgb-knlU_gO2ZCjEG-UZfkv31tbfPDwBKFUQWWTLMld87cfGnUieYKiNIOe3DbOejftg11ueO18sY5H7VRqBgn4mu1yBVx8H3XnPGt8dybYS1xbPAUJMU6PdLlj9M3X7YrqM0-wAQZ6wrNASy-DBJ8KTOu5zr7OrGYV0wE4N4gjtY48x2YirZsLmChJ3sxzQZqcDpbUGZgO8KD8cCtFaCA2JTGtquSxwtgNIIlIFV5TWst5vQrlsSX4TQv9US8KezZU6Vl1-JRa5aUB7Bwd8MfL8tlz6wMhKuAgxKp43hxlEdeaknR-11F6FSn6etEGD1C0F6JIQp0-582lGyvMW5qTVTbWVXdancECCyFzT-yuiW2cUMwz0vkb7pZjAMCf9ObGwsoMaeSrtJl_VYBsEwF0Rd09dwQBUPXQSORZh5lpXHUJkSjQr5ZAOIfbCLRFst_ybfmM3IOji5Vo5JfUg0nurSN5LoXBXswlSnytWrbYhSl5eJZNp4UIWjOGDbckZsXEj6hvrKrEwsIKYogLhnQ83KbDrqk22DKi2qIuRUAASIVdDJuwDsGTSQLey13a6DdSSR9Th3yLmhvFejr1QxpFsXQo49BYMRoUQ6kzisYGeZpAkmtszAtE1jsknyHl4yn_VfcCvMLShXUMo7CCsE3cBXx9XG4UI88yEcbaMIe3AZSryOlsZfnEbfRrgeSAhDGmoQKhdPX9eQa6GiPN5aH8eNAimFsEoinT9CRtm1bzoQ1w-OkaBSjzyu59LS4ZXNSEA_ilDTBS9xgJCYsujtAuGjQZjMaNWGg16xgja8cjoPNxynIi0VazQYdwELEvkNntPoNhNcld9Y7h0ledAQEL-CQuUFEmfssB3V-2XIWMExbkBHfuDNc7GspbAn7vAtbFOWUBC4FR51iYCLqy5YWufUmHrDNYYgmjuu4nw_mPZ4dPmpTKnsW4EnHOydQuIbvySA_sQsEOC7T3B8MWPOh9tyzPuUC484sE3mKnGAq-5ygpQIz9pfpBVR4HDnTcqS6S6aUilbey-zb2YN41vKad-KZIG3aC4Yix1JDqGQNLjOKhYOPiHugTmEl42fusRzONU5Kx6MXQX1T-LHv4nDlmjG3xeyD1SPMGg-kdPnEzfCLV_Zz4DTYdjJwWH7iAbco-K9jLQWVwMoaZVGAkpSDbn8qapbhYVUHaJN3tEpKmdVWUi35pG1_fkTr2CkNislRL_ZQngJsXPYkDDjCVIsvBhxHNZr1DK8X8puCrAafWGRfrNaljU6K6Bz4pTnK3zr8KnS_HnJmfN6O4yo6QUSMgWraVy6Cwva9j7XrL5nLSPHV18MfLdB23vCNQWauLdA-uGSBnhXc0h_JY233FJYA2zLFNB5QzsA2N8q6bBc4l5IFGZ2TWKP7ZPuxwGKwKeoCrEtmMUDgF7uKxjkcb1ZBhIpCl5SZgA4EIOBNkX9MQmkQWYzfMe3VmExrUTq2yaCCYK-GMquKSP9fOF-59-Y-n3TxdZnklRyQCQaWcu2XvyJTASgcMRK8coyk2CKweV4PtpqMubb1e-GziyCqJgTlzKK4K5kYf7RMQfIR9o6CufF0yUcK2OSBXKqGSdZuJo9UssIqnEQl_FIDZJYXbtgZ6qN7SERhyqCFIr4goGoU8jeZ3igo5jc3iZ8WXo4sxaJgBICR3BXucYoqXmDwVAwoQo4imwK7a-Db7U9_ldC1PbaC38w43xK3OKrSkgWz7lmvf5gQ2PKFRwltJ-DafgDwu0OiAmWvlD15ZNQliLqFwMvdTalO7Oo0Gn0f4N_74EsqE5K1UJgX_Jk40PYSKJbsf7NvWZM5yRJ6_TSRNV2pnaPh_rCH8VuE4XKCk9QyyYgKSkomQxBzlu_SuJtZkAwEJIQeaPv8Rf4pPnfy749YSyFWuugscmPsd_grJ4Bs0iYgbDPNtsFtWjf3AW1IF-qEOdZKi94AhrfCS5Ix-trUXXt1B9nSeiolNdyOA9uZduvvF1FSsXsa3QzwR380t1lNwMEBk5k2yLexHsLSUI8G01gLWrYu9DbjldC_8oxibT5jIvloDfLdz4W82-u_Mbnph-bQ_F0gL8l-_tgvgkMgwXi4Jg_MWepOA8QFGw1rPCKlWNiMKNDo2A3UG9NmLm1Iw0qlRLlzZwaTljsAcO_7GxnKfqER9UcvhcC8NO7HQ_e1OPeeszawm1T4fvPrzQEf9kaQEf4z5EScYBK6XjmtGIIFgYp8lcqwhFZ0ok9EoSTWlIRip7vWPjd5F2ub_-qcBQDFDBWK9nX4my1siljF9G8_aFVS2jycc_ogJCK-VfqErBhqixWDqhwxt6aqL3awup0WMC3AQugot5VRaxcmfj8Y7tdD_nejf2_7BufpN3NSbYMq0AvbNKTEuJpheJbBBFew2x0BKDbtD-Mcp6SCX-WEtVLgIxcbPW1VHSIHfLNRw_7wGqchCh7leQB9dsNKJg7_boXjqdzDhpgdvg1q_Jl9fGIIfpIYGGhx1yELF32BrrZ_pfGJQKuu49zm-O15CU_f5d1gANAAbFtcftQOfMzZSOoC7YI2jtIC7XpwGUda1ElUqXXYe_fNQEt3bT-2NnAfXgqDI_mhsr3hMuKwW6aCjuQY2WKI_qSqvo3-5FH-Lwqo7_it3cAZMi6w45s3p8nOcmxGYC9m_466FoEe15ykR2lCOxnO0nAXl5o3U3-i7KTaY9bwE1o3EAfmTlr6yVQDiZXbCPNnQAMXsgWghiS8o3To5-EP2ySXVkXlFnewB5hopy7AEHe00u_eJj5Py92mL68gCAZrvkQAHGfhXJUxMX47am07O-KIxnAn_H8MYsDnDDude2ytjQmH0A27OkeFl95aJR4BrkSmGEXFJTtXkZJR9HlF4Iu-39TVBiKlCAyLAdGZBB3BAiW0Dzu9_rV72NQJBxmHzcwsV_9INKE_DsnrX8oNcotAF_xbVSyaKW_A-2aJVcoJYj2LAP5a7dDH6Vs9DowRz5DrDwHXQKbA6ZKk1oIU8AIMB22a0cewvAYzeGQW89JGE_KjNfuAsKgOCHjJMPtSZTShh2d52IHXdIDvsxTSG0KJAIDEDZHNDszqzUocHJucc_4m1xxsPN4So_TruOXY2LCReU6BL2Jn16vJV82aw4E7oqrbV-uLbKwLzUReehjJEjyCI7ZWy_pWEGDUgBb29dgt9vOFQtgXXFrJUa9FYPQcJe6Pjh5kee-KTMMRn-miVNDOeiY0fVxIFxjdSiMZI6OcYTJaE4rO81v-oOTN2OmpwkdfZ_rq1YynJTrfcs-rpvK55nS85CSKzYuijZJQdt31Kt2ALunPVlG4mTSzA_ZYlopW58-pR9ms33z4Ko93hH2TJT6DVY8C6kAMD2cLMdJnhJ0v0sWSEb9qjZ4X7jcU-JPGQUFO_KERisKF5PFjzJisDIzt0ltJERviBWLfnfFuGwR5vMkTevV5-j4Yn3XrtKq3ExyTIuGRVItCB-KA5dYoEe6lBe34V9qf3RkOhA7FjibYOx6PcfT6WzDPxwOiMQYWbxT23PLEEzKaDNJxXkFy_lAo7m4zetF8FfMobPxofacFBoEnLIjjzTS06vGGtZshtcmNemnIl5NVGc5Ik7HII_6IihaQQWT5svwgTq2XuV9llTasaBjTbNadzrA3T5byAW6Fw9A6P9p8NARDT6C34qo9sGFzUw9-8Wr985YQkNAsUVTLfXMC9jbDbpZ_Sxmtc8MyaI85UvZOSpluzJkH8fla6miEobTB4bBp87SwDYar3Q95j0aXppJJoXRc8hgE0UjIJHlrkxImCdHxZMAPrGIdpiKr_fMjvDFsHfHA8eo9O62WtbAv8nAz3zE8j2ya75tj0E0uvZ7B7NyqXmp3geGXrkk1R3kuK1xyP5_8ALlf6QkXa-oD1bpB4O9SROsqNR8jupFMvyqhpl23xfiPTXTRghQYirWEAy8SegGnctE41oSaFk4uTjVB0-7Ai9m4SJ_o3PfIB6m1z7wrTtonbhZRjP_sosNf1IAlDlghhoF7e4fGqcPaaJgl8H3IloyXokvr2sLnVsL02IWTfRFK-4Ea51aFHwl_62BJrppMT_uoDp2GiDTHTumtf1jweaQKEIEOAm2MN2oGrFUH7HR7_TfEbjpuFxIZSzLpcNWvT_0uk2gF-EMLwa3pXhFidI4pt8syFNQG5zhHEU9NtSKV4oXL9Ne5OsJKqiRanl7nGFBb-xjnn70xD9tOVQdK_nKUlWc&cid=CAQSTgB7FLtqk702ydilQJLqmpz43fl4I-CKyXTuofr0DSrhty-1YXGo5-PNxjjw11FW3T7AVszeBvESMwKUKnLAkswvb6BZdXl-8TTmVsxiJxgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fwww.hespress.com%2F&ds=l&xdt=1&iif=1&cor=17088123318176852000&adk=3690638928&idt=111&cac=0&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 09:45:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11520
x-xss-protection: 0
server: cafe
etag: 9162932350781899495
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Mar 2024 09:45:24 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3332 41 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 10:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Mar 2025 10:03:14 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwOTQwOTQwOTk5OTQwMAogIHNlcnZlcl9pcDogMTQ2NTM4MTU0CiAgcHJvY2Vzc19pZDogMzE1NDEyOTU2Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 3332 0
859 B 178ms
78ms Image
image/png 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwOTQwOTQwOTk5OTQwMAogIHNlcnZlcl9pcDogMTQ2NTM4MTU0CiAgcHJvY2Vzc19pZDogMzE1NDEyOTU2Mwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogOTE3MTMwNTk0NjAyNTk0Mjc0MQpkZWJ1Z19rZXk6IDIwODgxNDkyMTk0MDI5MTk5NDgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAzLTAyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4OTI1Nzc4MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzM5OTQ4OTY2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIxMDM3MDU4NjExCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTU2MzM3NzI3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNApkbWFfcHJvZHVjdF9pZDogMTIyNzE1ODM3Cg

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xdc3e3134fec155b80000000000000000","13":"0xeeb19df235abb9f00000000000000000","14":"0xc0995b636d5365b70000000000000000","15":"0x785d3b842b7faccc0000000000000000"},"debug_key":"2088149219402919948","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"9171305946025942741"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/232911;8216644;201;js;DV360;DV360FY24AcrobatDemandCreationPSPCustomIntentDEDSKST300x600BigIdeaStatic0AcrobatDCEntApp/ Frame 3332 2 KB
1 KB 283ms
96ms Script
text/javascript 104.68.68.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/1/232911;8216644;201;js;DV360;DV360FY24AcrobatDemandCreationPSPCustomIntentDEDSKST300x600BigIdeaStatic0AcrobatDCEntApp/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.hespress.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.hespress.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=120414.64619336728

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.68.68.28 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-68-68-28.deploy.static.akamaitechnologies.com

Software

prod-xre-app5.frk11 /

Resource Hash

27df5d5823096a2c9d10817d4c5d90afc0b81c8b30f8440ce0f9f8871c31a1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 19:56:50 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app5.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 831
Expires: Sat, 02 Mar 2024 19:56:50 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 683A 0
0 81ms
81ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2RbVfYTjZdGZGOjTjuwPwZKU0A6YxN77daqVkODKEmQQASChm-0xYJX68IGMB6ABovKhgSnIAQmpAkf1gZuHLrI-4AIAqAMByAMIqgT9A0_Qe3x0_kY0asdd7toiWZeprMElem0Nf4W4zaPjnY0lznklYtQBZJ2k1w-_DBYBZATnXRYKD0S27uRDod5OCS0FNN37pFcCMgHIejtUelvnqU5m4Ttl9y9appQaLwQgWUbyCYNtPLLCBjsubl2-PTWC8AyxomD16sACp9FwwWdyeA1fM80Ymy9dN0NJl9ny5uT422lOB2YhDMOuqrM60jFCep1lRcEl7YZedPMGJrhaHT9xKl_c_ZIwX5VR2UnguwTLgX99s-sjp66qr-ix0z6ub4YJKb9XexPvZAkKD_eDhOVy0EG0DX_vfJCUr4U8vLHPKudV8vLmyXvkmnbaNuFcX84nZmv8P9QhpknUV_iMXEhq35bm_HDwPcWx6wJt3ck1M4_DwB_-lK3t2sPREUrZ3E7IW-9OUBlq4PicZwYf-APUk1UqvCt6Gbcjed1og93BoMBYGfXOxSFTn_19MEqyUYRfUZSh5k8dHraoP_9bkjJWm6APfn-KLO1GhXr3ElTKWv9Zdnhn-4yGEhNhwgtJJlg3v5SdMMifCnaCMAlNkErHcfP4eJ7_IZwFKOmLIZNcusG7vtYlKnunhYy2VLZaM03mvbWvWhVbhG6c2yc0WgPyIE7M-wEY5RUA2DYthcz0IyC1AIl0wifPHmn8qSa4Wv2ffQlNE-ODp9rJwASXy6rKsQTgBAGIBYKUzsVLkgUECAQYAZIFBAgFGASgBi6AB6Kq8uADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQyK8S0ggmCIDhgBAQARgdMgKqAjoJgECAgISAgJQoSL39wTpYtPWHo67WhAOaCTxodHRwczovL3d3dy5zdXJlc3NlZGlyZWt0YmFuay5kZS9kZS9zcGFyZW4tYW5sZWdlbi90YWdlc2dlbGSACgPICwHiDRMIubqIo67WhAMV6KmDBx1BCQXq2BMO0BUBgBcBshceChwIABIUcHViLTk4MDkwOTg2NjgzMDU0NTcYtKgd&sigh=u_tWJuRxLyA&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgB7FLtqk702ydilQJLqmpz43fl4I-CKyXTuofr0DSrhty-1YXGo5-PNxjjw11FW3T7AVszeBvESMwKUKnLAkswvb6BZdXl-8TTmVsxiJxgB&template_id=419&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 29DB 0
0 81ms
81ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRLMEfYTjZdSZGOjTjuwPwZKU0A7qkM6Ydsyw85O1EWQQASChm-0xYJX68IGMB6ABg_anzwPIAQKpAkf1gZuHLrI-4AIAqAMByAMIqgT8A0_Q8avP4YyXSpqcljV9O-u6heZ6uI39X8a5Xv6eGMg1Or9q7VDoo4CDy6MEuTrIHvJZUDDbrudCTcZkcw0h-l_ftNyXo38Nk0GuAVZv5gh5GWcUKRCF03AOmCELe2KSJfl5BT-SRV_92KWdpFXjs6gGoiQYiqXXH7LW4nNb_vk0jEKNueOJiSa7yxEzVOefR0k6UxX6-6PnEmNp6DFeOb-CN1NXaMt8Cpr-iVb4bBR6g-lU0AG9YqOonjG4otWjPutZaLGXsUqlrhSRngRIzqk1nRWRGDDbfWf_pw_NsLIW6uJGlXicL6CQN3xoizJLcnh2zf_d9t_5a8SJVrZ8YTH3_EDWNSIdY22wx07HVwVAhxxWSh1JBMvVrm3e-9IWd77GK1l3Ti8n437OBaaYLUVpuYEQ12J_6Y1icOL-K6WbV0PCnKc3ZGsqKx_ifTBuHfW0G9rijQL8F52asQ9ttHPhRFKRzAG3U3qlyROSxxio5zTKidthoPXsJJ9NgAZ4Se2xzeQ9qv_7CXqbZT6wwE95-88trb9k72UFSRm-bfuLQbyS7DT-Yy6UYZXvzYgAEw-BU0HT2NRCVWlFpjCsPyFLxSCEyLv-Ejcj-b2O0nNj5Grv5sI4ObBuy7l5NkAVGEnT0keLdybDtTcUb5NFDQ372krz_cJIsBmKzYHABKO0w4K5BOAEAYgFvfeKqkuSBQQIBBgBkgUECAUYBKAGAoAH5YnYMKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEOi8GNIIJgiA4YAQEAEYHTICqgI6CYBAgICEgICUKEi9_cE6WLT1h6Ou1oQDmgk_aHR0cHM6Ly9oYWdlci5jb20vZGUvbG9lc3VuZ2VuL2VuZXJnaWV2ZXJ0ZWlsdW5nL2tsZWludmVydGVpbGVygAoDyAsB4g0TCLy6iKOu1oQDFeipgwcdQQkF6tgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05ODA5MDk4NjY4MzA1NDU3GLSoHQ&sigh=CyNp8XcqAAQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgB7FLtqk702ydilQJLqmpz43fl4I-CKyXTuofr0DSrhty-1YXGo5-PNxjjw11FW3T7AVszeBvESMwKUKnLAkswvb6BZdXl-8TTmVsxiJxgB&cbvp=2
Requested by: Host: www.hespress.com
URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 787A 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mxxZVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 158B 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 122015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Mar 2024 10:03:15 GMT
expires: Sat, 01 Mar 2025 10:03:15 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js Show response
pagead2.googlesyndication.com/bg/ Frame 158B 52 KB
20 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 01 Mar 2024 09:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20324
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 01 Mar 2025 09:42:54 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 3332 86 KB
27 KB 178ms
51ms Script
application/javascript 2.19.120.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/232911;8216644;201;js;DV360;DV360FY24AcrobatDemandCreationPSPCustomIntentDEDSKST300x600BigIdeaStatic0AcrobatDCEntApp/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=www.hespress.com&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fwww.hespress.com%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=120414.64619336728
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.120.9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-120-9.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 19:56:50 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: GPGGKCKYQVCATHSN
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26381
x-amz-id-2: xOIkb7fO+xK9juVrUOWGSypElUflrMojVDhJi8AFp+WS7ceYbPq9k+5xlSoAl864KuEbgRIcAFY=
Last-Modified: Mon, 12 Feb 2024 15:44:51 GMT
Server: AmazonS3
ETag: W/"ced6ce1b7b99b74cc94c9fe3e5e2b4d1"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 475275199 470807585
Accept-Ranges: bytes
Expires: Sun, 03 Mar 2024 19:56:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 158B 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3RMMgYTjZej_PKr97_UPm-WA4AsAAAAAOAHgBAI&bg=!PzylPHPNAAaCCwxOogs7ADQBe5WfOHKcdGTJ03xMM2iz4S-6A-R4ZxH7P8LvsR4RLGtWmhT23yFLvxqiuzKF4BsYWGJxAgAAAGZSAAAABmgBB5kDHGxAp-NWlnODRIIxGKytqWc84sHG9LV8alfwVUyliGekPzrpKzfHpVeDzy5tDTYc1OEf8rJppWAPuxPb3Q-UNsfsgZPZ44i9HaFUIpYdKv1-8sLfPdoxGOu6bMM03vzgkujcn-LbkqSrMRe_opXCJtRYMX7p66gI_eiDuEek9xzVk_4FwpFiKAgeH1s5Xb8IUOsOc5F9Y9IKInOzUv1s0hd8ighzwmjfaJl7fzbr1VdJ4_4sXWeB-31rSZg_VYXi9hrhW-jXYyJDf6-4KnLZqDncoNm39UZj5MJs4ZaS28DT7JiuIByv9UvaYYNfvA3ev3iP-cTS3PMuQA_yom2AXSc-AgWEhE6XebMXWv-_FkIhiNHgeVLVfJwK1sjUIKVtvgAGc5D6yjDMZSkHm4aT5P6mAyq-_J9WTzZDxAHzdAlOoqAjhmT6VLfAoH162vvui1I2GjMfWsPald809tQE37nOUzviO6Tfp-v9LSsrx-7xCFT3oKpo9EKt8HV2XVSu1MxWBrR7w3MhHF-NB3iianJ-nl91ruG_HJjzShS0epNcdUQP9SSB8saDLqIGkvVMIvYcmZKv-nm-CU3m4vS_k_cdFuJE8AlzcwvN9CRbA8PgEATtnFzkauW-MtcbxUsYPdC0L54huIUpmo2hhCGk4xHOg_tvbKqgeCHRZ295pzkrmGvDCdhPEOPeNLuEypIqSlTtTMINyNdEClf9IVYpbUOrlbTTAfQBkZN_dl1U-KPTMqA9p6qhG6X9Ou9ux-kfnVVu6QN9Y3Xmb2xFMfSFuA2Y7-M297oekHWi51pOvdqW4vAp1C0gRAEMD3PskBZp1Y_Unsb9REE_EnmutK1ArrTW6-C_Qkagt7I45qT8-rGNZf8rp5TBajJ533iJ_DWY7rVFthrETdGOFJ8WUT49puoO_QRt1Sn0UOJgSdqAxWuw2-qzxxcG4NSwf-WtMU6I0ohXK3jktiv44cM5XzernK4DUZODaG5NfV2XSYVAYiYrVDx2O5I5bHHSIAes-mavLANiKGo3YXKoq5iB0rXM67KNQKzOJXDBgfTRQG8

Requested by

Host: 0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
URL: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3332 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0f70880cfd2739193d1dae80c47370f574b952900891738bfbb1b564e75d6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4611330.json Show response
agen-assets.ftstatic.com/display/8216644/ Frame 3332 5 KB
2 KB 147ms
40ms XHR
application/json 18.244.18.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/8216644/4611330.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-79.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33f56cf4190faaec1136a9b7ebb9791d34375fcaeb3ef2b018b5810bbd69681e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:32 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 872b8cb7808b8e013ecc6c3cc24aa826.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
age: 19
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 01 Mar 2024 13:52:52 GMT
server: AmazonS3
etag: W/"4ac15a9151813e7d4d92965abe2163a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 439201672
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: zv6tM122SG-v5gDACTSbIvUMtSTt0SixJDNuUUtiR1ul2EckWhTyYg==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402220101&jk=819895365435208&bg=!9_Sl9LvNAAauXHXJjlw7ADQBe5WfOCa8e6X-QHxIJom2WgG80FwhBRRwGs_PaQtLjVpKnOf9YaVMBdZLIawWDmvUkbycAgAAAZ5SAAAABWgBB5kCxIUq80itO-mKajvbX9ahfEDOlzC_Ytv2ZHPmp_X6uDzyeQWfqKxAXI9Fx6CT7Seqiumb1n4FNBPdUxsj3YV1hZMbIWBXS3fN0WU8G7GzbHOj78_oObMBrMV2C8tP9yQZiM3Yd_tg83yw9sBjZAngvLkhetR6ed5_JOECF9x988dypmw8adblyB3cy_YW-5kVE9aNz0sTz4rbUrZAufHfQZu_33-Bux7AyPNnOH9nFEet5KB8gTlBaqlTtyNXuXh9HwEuzvsqIl2I1EcQReIbL0a3GzRuTVELaIlzykA4oKf5DPutJdKupYv58yoNv5FGI40mwYsFNDsfA2zlAFHAf0oUwIUlP5LCh-EVyJ6JgSc6a5In02o-kKONRltbzyqq_fzvFS7hfT1lKh6EVQn4YT1Wy8e59GJQK1RJFhH1Gr8kzO3WgLHBYABkzLYTpEYnHSVR3gDm_ZaeY6gd71FNCu0dN1zqQ3_9SCZSYQUTPGO-CjJNBp4N4hiwCgDTipUU6XGIq0sjLOhoL8UJNnrTZugsAnM9QU_xWM6c1ZgHB7PJFCqRdJVNDgIWz3E5D229uNsDT_vRoqdtwVBwDRvdvIicZnF233fVFA_cOjYUP5yA_EbO40oPV9H6v19aqEZXUCfH2jQXQqXxL1KbZBkKDHfhq8hVdQu1Nx65SLjHpEsyVHisLcUvEkOnnKR_Il104WjcgKqhB0MziT7Q1uwI1oQxBH9WiyLs58680zsC5viLuKhPbUlIs5gncBSbOWb8jBIDTNa8-tlxfoKKIP-JLqa11JyNfT6IVJK1zlu2vQi_8vQ5exESwzZtSr3PG8KMQj6jcJp3Ic7UVJ8AJnyZnwisd-bafioOUycQ8I9z54p5-pNVVvTQkU7B77IsI-CspqBqUwwTXxhpHNNa7b_8c9wB3O-DUwpxnCD0Al4tbSGX8OTJnw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 3332 606 KB
164 KB 192ms
59ms Script
application/javascript 2600:9000:2171:a600:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:a600:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9c72392ba3b2980fc04de581a20655e218696e25cb9d5cd8c88d488eea8ebe14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 15:59:11 GMT
Content-Encoding: br
Via: 1.1 45dddc65ba3da4a1716d9c10f4aaaa08.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: CDG53-C1
Age: 14260
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sat, 02 Mar 2024 15:59:11 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: eWfpKj8DlEeISlinODG0UgcW9JxlIEHcxxQSRBFnR-GWfhU_o5_npg==
Expires: Sun, 03 Mar 2024 15:59:11 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 3332 17 KB
6 KB 542ms
81ms Script
application/javascript 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 19:56:51 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 229498003
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Sun, 03 Mar 2024 19:56:51 GMT

GET
H/1.1 200
OK FY24Q2_DC_AcrobatDC_AcrobatDC_DE_DE_BigIdea-Static-DV360-AcrobatDCDC-NA_ST_300x600_Blank.png
cdn.flashtalking.com/192495/4611330/ Frame 3332 86 KB
86 KB 1244ms
935ms Image
image/png 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/192495/4611330/FY24Q2_DC_AcrobatDC_AcrobatDC_DE_DE_BigIdea-Static-DV360-AcrobatDCDC-NA_ST_300x600_Blank.png?987147688
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 0ed6490af26e1b5be3712ed1805ff7f8de19dcf6ffc9bd40fe234f9547052662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 19:56:52 GMT
Last-Modified: Thu, 08 Feb 2024 13:51:55 GMT
Server: Flashtalking (AKA)
ETag: W/"63fcd4f3b79f3cc78520fd56a119270b"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 148192013 148123369
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 87899
Expires: Sat, 02 Mar 2024 20:16:52 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame 3332 1 KB
2 KB 308ms
102ms Image
image/png 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 19:56:51 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
Content-Type: image/png
X-Varnish: 172605679 144506774
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Mon, 01 Apr 2024 19:56:51 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 29DB 42 B
64 B 78ms
77ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIeXDVnNBfbL-zBORZbPv6YFDwycJdsDoIiD5fMa_JMrVywlVU_Nf5qybFcXEt96wTTdLH2DL4FJZumk8tzfqsVuVGWjCI7rh_a0rkmnmaHLtaDDKbhv66JnPwEUoA4RL4_mWTYc0DBlDpEnsL4bTorwC69whNm0WmJQ&sai=AMfl-YQfd_PVGGVoKFfsIpEcZ-vALgx9xXYavGaVMJbF-llTUQoroFC-1Yn4meySoYo9RjGOd9WJU-r-BjffGTlZfRtHFUq2cVpPRpFBacXPkkodnhYfcp1CA9qB79stFy2eOLiUNJdL78ctHA1uw0AR&sig=Cg0ArKJSzAR6NmWxnzixEAE&cid=CAQSTgB7FLtqk702ydilQJLqmpz43fl4I-CKyXTuofr0DSrhty-1YXGo5-PNxjjw11FW3T7AVszeBvESMwKUKnLAkswvb6BZdXl-8TTmVsxiJxgB&id=ampim&o=296,436&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=525&tls=1525&g=98.33583235740662&h=98.33583235740662&tt=1525&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hespress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 3332 60 B
655 B 615ms
176ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=YDVeEeMyTpirhUjUHzjmZYyfTqeUBasy-FE7fPshldVPjMiMY3H/AF03FOsk=-E03BNc5ublPnNw==&pm_ct=c7d0862457e80ea1484743c2&pm_pl=1709409411244&pm_td=25&pid=1000941&en=1.1&callback=__pm_glbl_9X8IHc8BlY2BHk1VCj18deBm._gc1&tt=g&v=c6c440b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 52aabb53713aafb620b51ea6fb3f3e5bc0c1c8c5662a7b64b154b88b7f2e29f3

Request headers

Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 19:56:51 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

GET
DATA 200
OK truncated
/ Frame 3042 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3332 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 202983d9-8fad-4247-83bd-f1d524c988e8
https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/ Frame 3332 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/202983d9-8fad-4247-83bd-f1d524c988e8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 93ab10e9-9810-42cc-997c-5f104648336c
https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/ Frame 3332 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/93ab10e9-9810-42cc-997c-5f104648336c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H2 200 /
ad-events.flashtalking.com/state/8216644;4611330;0;271;BD1EEDF9-C52E-7DEC-315B-8514CB17FB97/ Frame 3332 0
67 B 205ms
47ms Image
text/plain 3.66.95.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/8216644;4611330;0;271;BD1EEDF9-C52E-7DEC-315B-8514CB17FB97/?cachebuster=990118492
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.95.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-95-67.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:51 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 3332 1 B
377 B 268ms
54ms Image
text/plain 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8216644;4611330;0-304-0-0-498569618
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 19:56:51 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sat, 02 Mar 2024 19:56:51 GMT

GET
BLOB 200
OK 65009041-1730-447f-890b-0213411da4cf
https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/ Frame 3332 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/65009041-1730-447f-890b-0213411da4cf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3332 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8681930591333&version=m202401290101&ct=77&x=1&cor=17088123318176852000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3332 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 3332 1 B
377 B 213ms
54ms Image
text/plain 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8216644;4611330;0-306-0-0-34068990
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 19:56:52 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sat, 02 Mar 2024 19:56:52 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 3332 1 B
320 B 295ms
295ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=YDVeEeMyTpirhUjUHzjmZYyfTqeUBasy-FE7fPshldVPjMiMY3H/AF03FOsk=-E03BNc5ublPnNw==&pm_ct=c7d0862457e80ea1484743c2&pm_pl=1709409411244&pm_td=647&pid=1000941&en=1.1&callback=__pm_glbl_9X8IHc8BlY2BHk1VCj18deBm._gc2&tt=g&v=c6c440b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
Date: Sat, 02 Mar 2024 19:56:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 3332 6 KB
6 KB 234ms
56ms Image
image/png 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 19:56:52 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Sat, 02 Mar 2024 20:16:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3332 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu39MLd67LFzQWMUcRHbA6UmnIIccj3qBQrT4T7oZs6iowDaFjjKhYQ7rYmGMK8NXAIeh-R2gkQcV_EGL9WCzaOZiVX_q2nkcK28qobyCacKVnlIq8ueHWXn48Qmtim273XmkrrO_9vkYfbGV84KQ9XlvbXpfgOuyVFBg&sai=AMfl-YRax4AN8f5xbClPgOCt25CfcllJ2ZJ-6TwqKs9LW7CWqRaszUEM7fKurWYRjIqJvXdamVouxD4_5-2vdlEJqbItE3iqL1jp3wQytZ5MBodeZt1B3oaS8W3czhDmwH03RDtKU6RfLyYlxWGBVhsm&sig=Cg0ArKJSzFNb7tUPeO6rEAE&cid=CAQSTgB7FLtqk702ydilQJLqmpz43fl4I-CKyXTuofr0DSrhty-1YXGo5-PNxjjw11FW3T7AVszeBvESMwKUKnLAkswvb6BZdXl-8TTmVsxiJxgB&id=lidar2&mcvt=1000&p=1245,1046,1285,1087&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2353568213&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=534221000&rst=1709409409655&rpt=1068&isd=445&lsd=445&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Mar 2024 19:56:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 3332 1 B
320 B 145ms
144ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=YDVeEeMyTpirhUjUHzjmZYyfTqeUBasy-FE7fPshldVPjMiMY3H/AF03FOsk=-E03BNc5ublPnNw==&pm_ct=c7d0862457e80ea1484743c2&pm_pl=1709409411244&pm_td=1419&pid=1000941&en=1.1&callback=__pm_glbl_9X8IHc8BlY2BHk1VCj18deBm._gc3&tt=g&v=c6c440b
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
Date: Sat, 02 Mar 2024 19:56:52 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 3332 1 B
377 B 56ms
55ms Image
text/plain 2.22.40.43
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8216644;4611330;0-307-0-0-364954640
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.22.40.43 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS: a2-22-40-43.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Mar 2024 19:56:52 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Sat, 02 Mar 2024 19:56:52 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/8216644;4611330;0;202;BD1EEDF9-C52E-7DEC-315B-8514CB17FB97/ Frame 3332 0
66 B 39ms
39ms Image
text/plain 3.66.95.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/8216644;4611330;0;202;BD1EEDF9-C52E-7DEC-315B-8514CB17FB97/?cachebuster=264527455
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.95.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-95-67.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Sat, 02 Mar 2024 19:56:52 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST collect
region1.analytics.google.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je42t1v869673765za220&_p=1709409404732&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=1254823005.1709409405&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1709409405&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html&dt=%D9%87%D8%B0%D9%87%20%D8%B9%D8%B4%D8%B1%D8%A9%20%D9%85%D8%B2%D8%A7%D8%B9%D9%85%20%D8%AA%D8%B4%D9%83%D9%91%D9%83%20%D9%81%D9%8A%20%D8%AD%D9%82%D9%8A%D9%82%D8%A9%20%D9%87%D8%A8%D9%88%D8%B7%20%D8%A7%D9%84%D8%A5%D9%86%D8%B3%D8%A7%D9%86%20%D8%B9%D9%84%D9%89%20%D8%B3%D8%B7%D8%AD%20%D8%A7%D9%84%D9%82%D9%85%D8%B1&_s=2&tfd=10532

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hespress.com/	1970-01-20 20:59:45	Name: _gcl_au Value: 1.1.350217376.1709409405
.hespress.com/	1970-01-21 04:26:09	Name: _ga Value: GA1.1.1254823005.1709409405
.www.hespress.com/	1970-01-21 04:26:09	Name: _ga Value: GA1.3.1254823005.1709409405
.www.hespress.com/	1970-01-20 18:51:35	Name: _gid Value: GA1.3.209043034.1709409405
.www.hespress.com/	1970-01-20 18:50:09	Name: _gat_UA-1423316-1 Value: 1
.criteo.com/	1970-01-21 04:11:45	Name: uid Value: 3878fe91-b29a-4ebb-905c-5c942b73b933
.criteo.com/	1970-01-21 04:11:45	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 03:35:45	Name: i Value: 8b55c4e3-4901-4404-8754-08f671732fa1\|1709409405
.hespress.com/	1970-01-20 20:59:45	Name: _fbp Value: fb.1.1709409408357.1149582013
.hespress.com/	1970-01-21 04:11:45	Name: cto_bundle Value: FXARF19JQlM2Q3FRSjZBQXJ1ZnVPSXNCdUVLNUN3OVJTZkZyZ2drSE1jZ1lIdXB4UGU3ZGZMaSUyQkFzNEttcXpvZ05haFdodWdYVWpOR3FlbjRCUVBma3ZzTG5INW95MTlWU0RVd3ZmOCUyRmwxUWZjazQ0RzdsM0d2TkF6RiUyRktpeSUyQjJUdlAxUzFGbkZCeEhGajFSVTRvNUglMkY5bDR3JTNEJTNE
.hespress.com/	1970-01-21 04:11:45	Name: __gads Value: ID=7f8bc6b525b66d4f:T=1709409405:RT=1709409405:S=ALNI_MbuZAVqrI1m_lFH0vL3mqRHZoPYJQ
.hespress.com/	1970-01-21 04:11:45	Name: __gpi Value: UID=00000d67fbeaeb2a:T=1709409405:RT=1709409405:S=ALNI_MZfa7RkRbjpsmv-J1b8hGUB_uRN3Q
.hespress.com/	1970-01-20 23:09:21	Name: __eoi Value: ID=d0ebc36d407c807d:T=1709409405:RT=1709409405:S=AA-AfjageJavDlwY7DusN7a50XNd
.hespress.com/	1970-01-21 04:26:09	Name: _ga_P97QV0GBGK Value: GS1.1.1709409405.1.0.1709409409.56.0.0
.doubleclick.net/	1970-01-21 04:11:45	Name: IDE Value: AHWqTUmb9DR7CVKiH0Gz3I6y9DMEDkn-eiWojD3qLTvycWNvb7wDplTH-J9ATyVb
.casalemedia.com/	1970-01-21 03:35:45	Name: CMID Value: ZeOEgrmqPfAAAERsAHwQLAAA
.casalemedia.com/	1970-01-20 20:59:45	Name: CMPS Value: 5299
.casalemedia.com/	1970-01-20 20:59:45	Name: CMPRO Value: 5299
.doubleclick.net/	1970-01-20 23:09:21	Name: APC Value: AfxxVi6dajcnFnIhIp3cMghEqOAOQ_Es3pmXACObKVHhPHaPDDNMlw
.doubleclick.net/	1970-01-20 23:09:21	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:59:45	Name: XANDR_PANID Value: 8FKUsi-mcOyw_qS1paYfgBQpaz7NJuLyVYSgb046nGyrhEkMv1YIj5cBW9mXZG_YQNwoIerGN_4BjXG9Ty5KiwFvpidbh2viIiuDSi6jc7M.
.adnxs.com/	1970-01-21 04:26:09	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:59:45	Name: uuid2 Value: 6448018108298937556
.doubleclick.net/	1970-01-20 18:50:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 19:33:21	Name: ar_debug Value: 1

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/447079109144639?v=2.9.148&r=stable&domain=www.hespress.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.hespress.com/%D9%87%D8%B0%D9%87-%D8%B9%D8%B4%D8%B1%D8%A9-%D9%85%D8%B2%D8%A7%D8%B9%D9%85-%D8%AA%D8%B4%D9%83%D9%91%D9%83-%D9%81%D9%8A-%D8%AD%D9%82%D9%8A%D9%82%D8%A9-%D9%87%D8%A8%D9%88%D8%B7-%D8%A7%D9%84%D8%A5%D9%86-501390.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000941&tt=g(Line 1) Message: Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0b165658000700b5384822d9f56bd3c6.safeframe.googlesyndication.com
ad-events.flashtalking.com
ad.doubleclick.net
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.flashtalking.com
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i1.hespress.com
ib.adnxs.com
js.ad-score.com
lh3.googleusercontent.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
region1.analytics.google.com
104.68.68.28
130.211.115.4
142.250.185.102
142.250.185.130
172.64.151.101
172.64.152.89
18.244.18.79
185.89.210.82
2.19.120.9
2.22.40.43
2001:4860:4802:32::36
2600:9000:2171:a600:a:deb0:3380:93a1
2606:4700:3033::6815:5ea5
2606:4700:3035::ac43:b53a
2606:4700::6810:3965
2606:4700::6810:5514
2606:4700::6812:16c4
2606:4700::6812:17c4
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:806::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9d
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.66.95.67
34.102.146.192
34.120.135.53
35.244.159.8
01232ad7a86604d14559bf0c1144d12e297a8dac1275a3ce48e89563f7705035
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
07f591eab839a18c075683c53d5181a78025c6257ad3326721cb081062786cd2
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed6490af26e1b5be3712ed1805ff7f8de19dcf6ffc9bd40fe234f9547052662
102a92df231a74d7132955778a96df33e9dfe95ede05981232701c48256d3f4d
13e768f8e392f5a9fe62c8e48754bc8f577bef5e98eefd7a25b69517811c1633
16630437c59d975269a8cd9bcebb1def73a4a25299621b2d39928f77f7843e67
1b23472e2bff7d48bca2a06c3833be94e69186ad328f255cb5af1392245d9597
20fc8348abd57ac4a13d67c8c60148a70cd991bc0b24be3b532b0ccce9a1fff3
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
249488523612d4bb9f2f1ed33a3e5db6b27ed544901d8d2d262f025f81b9c8ac
27df5d5823096a2c9d10817d4c5d90afc0b81c8b30f8440ce0f9f8871c31a1fa
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33f56cf4190faaec1136a9b7ebb9791d34375fcaeb3ef2b018b5810bbd69681e
35a8ec056421aefaad319ace767fe7a10253b921d79359d761a4b34b03f4f2c1
3acadaf7daa178ab4df04dab1ce46251fc789c345add6766e179e5654615c0a0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d58fda5932607f606fce9090e1868343badf37438b3d1cd6e39c6a449e9a25f
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
456ed66365f66c7374c30584910448fd4f545657ef853e77bd4e916ac1076d17
45ae471288ce1c1dd64e40c430fc1eba6854f9a3fcbd496cb70dbbca56b702bc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a9f4910c6a0d7c0072e9ee4a3c30c44c2a386774a2563eec910d484df0abcde
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
50b9b32493095c6ce4391b1faa2588105712b6c3350fddfdffbd4670708e53b1
52aabb53713aafb620b51ea6fb3f3e5bc0c1c8c5662a7b64b154b88b7f2e29f3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
553f2ddf290e1a66520c264bfaf67ecbd6381dc82829eaf16cbb381e5e77ae13
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c01d23be1ebedd7314eb8f71b8f1e0ac374599f0296cbda0a4c287959d8e21a
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6289476e42f5aeebbee07f8637d0747000103d5ca84f3b82fa443c1876459e4a
647f6dd66bd584237f3a057869cdb8d9994a083b5dc296d894e6c137c2b5fefe
661d5bdd23011926cace11441035954ad3be35c79febfd9afa6619508faa1ce6
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5e0bf97c02918eae5524366e6c46e8ec74dadb1d829b336c8af4f7759ab10a
720e75d6bed0c3967e44fc2e0cb6c98588d70d91f637a6738caf90468e89fca7
754746b540a3f56d30cbde61a18df32e543b35a368187bbdfe9b85c876b68367
7c1814a98e79797e90003d9940338ee9ae246089907017da9083b68c88e50d9c
7f646c766f9d8b39f33bfa1e5c0a053ce2b3c4daa0ae59ecaad75621d4599b39
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9c72392ba3b2980fc04de581a20655e218696e25cb9d5cd8c88d488eea8ebe14
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3a442af03e6d2bbb0c23624af19fcbfd0ea30d98747c1518880a6923f24c937
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a7d7ccd1b1b1900c730b760fa8b3b5748a073ecdedbd7710e04fbf03cd42afd8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0f70880cfd2739193d1dae80c47370f574b952900891738bfbb1b564e75d6ee
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b3df638beb2341056683a71fb246b3d24688c845b622f08f28344bae7b0931ed
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bbb207176fe05cce5fe9ddc0d4a4da4a3373b7fb3637c7755144f9dfb318db83
bc3e54f2e0b07f6437c7c475d148a59198ce17bd84a0090ab22f1b5a87ce0ec1
bcf38769e82670c017d65448fbc2f57654573c06a50500671fb5c264265f1d80
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
bf3ee9b99ae5f5166d4236a08c089fe0f330f770e9cd74bf4a0f1c604997eb41
c4fa512a905398f4207dcf41492073815b663fb62a7f6862ee94c9e03abdab84
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
caffe6734833ae02d7fa5a4386362603f66bfbd1a03e4041efd2d250657d1189
cbbd98296c77f155a1d0fdef5e6db50c02939aefbfe9072f1234f9c46d322f44
cbd340a22d066096c8205215c648257266f1a22434f2baade482c66ae1cdea5a
ce8d158cdf273df068eb8394b499cc78e19d7706ed618a7ea2137c3f611a3f70
ced47af1aaa15d93da54d1ee71296e49020ef94e73419a8dd787e9ebc4fa7312
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d42ac5d37664515177461acd1032d930c471de5c03e4fa2f188b2290ab2b7872
d662aa0894fbd9805153551b06b9cbaf83df52234bd395913c0b03f7539c6a29
d887816ae8b346d63ebc061959c1b52232e29a7f0f7b72a28a8a89db6f163348
d92d6310bc776e8d30d2f968e743573cfb3b4c5c9d9585871456eb3178e931ac
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e132e9cca86d497a40d8d93ec8d419d2d49a3d4fbc776c4443f99130c397a512
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e5c84032feeb4a43c1b7b844d1e5fd0ed9933abe164853c0ce19c1295afe887b
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eccd9069b97456feb2f393e414c86ab2060a0ea5d57ba1faa18f18d61b53f21f
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1280517470c638e05a2b686b74a13681c23ae8594311fa9a0d12fd4e8c43dd1
f3a1d73683d6ce7a8bc03f9f108167f2ab92454a53785dfb404144f20fa0c416
f6311e2dcedc88f85b6d4c82ce201c7a926440f7da4739b9b9a08bbba33c8bf9
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f813fed51f3e6c62b912269015f0737f66bcec2fa1874b01e412019605e04c76
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
fdeb6bb5b9bc1fdb658c97aeb0391507202864100e29b557792bdfa300164446
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

www.hespress.com Open in urlscan Pro 2606:4700::6812:17c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

137 Requests

93 %HTTPS

67 %IPv6

27 Domains

45 Subdomains

41 IPs

5 Countries

3188 kBTransfer

8173 kBSize

25 Cookies

17 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hespress.com Open in urlscan Pro
2606:4700::6812:17c4 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

93 %
HTTPS

67 %
IPv6

27
Domains

45
Subdomains

41
IPs

5
Countries

3188 kB
Transfer

8173 kB
Size

25
Cookies

137 HTTP transactions
9 data transactions