en.hespress.com Open in urlscan Pro
2606:4700::6812:17c4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://en.hespress.com/
Effective URL:
https://en.hespress.com/
Submission: On May 23 via api (May 23rd 2024, 8:09:03 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 16 domains to perform 69 HTTP transactions. The main IP is 2606:4700::6812:17c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is en.hespress.com.
TLS certificate: Issued by E1 on April 7th 2024. Valid for: 3 months.

This is the only time en.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700::68... 2606:4700::6812:17c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:16c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:780... 2a02:26f0:780::210:a459	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	172.67.138.21 172.67.138.21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1d::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
69	26

24 2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)

en.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e1.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:16c4 (United States)

ASN13335 (CLOUDFLARENET, US)

e1.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.hespress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a459 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

pahtzh.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.138.21 (United States)

ASN13335 (CLOUDFLARENET, US)

palibzh.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	hespress.com en.hespress.com e1.hespress.com i1.hespress.com — Cisco Umbrella Rank: 483971	1 MB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164	224 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646	124 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	191 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	171 KB
2	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1034	229 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	195 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 44	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	6 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 444	288 B
1	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2400
1	palibzh.tech palibzh.tech — Cisco Umbrella Rank: 66024	106 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
1	pahtzh.tech pahtzh.tech	3 KB
69	16

	Domain	Requested by
24	e1.hespress.com	en.hespress.com e1.hespress.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net en.hespress.com pagead2.googlesyndication.com
3	fonts.gstatic.com
3	i1.hespress.com	e1.hespress.com
3	en.hespress.com	en.hespress.com static.cloudflareinsights.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	cdn.taboola.com	palibzh.tech cdn.taboola.com
2	www.google.de	en.hespress.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	en.hespress.com www.googletagmanager.com
2	www.gstatic.com	en.hespress.com
2	securepubads.g.doubleclick.net	en.hespress.com securepubads.g.doubleclick.net
1	lh3.googleusercontent.com
1	fonts.googleapis.com
1	gum.criteo.com	cdn.taboola.com
1	www.google.com	en.hespress.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.crazyegg.com	www.googletagmanager.com
1	palibzh.tech	pahtzh.tech
1	static.cloudflareinsights.com	en.hespress.com
1	pahtzh.tech	en.hespress.com
69	24

This site contains links to these domains. Also see Links.

Domain
fr.hespress.com
www.hespress.com
www.twitter.com
www.youtube.com
www.instagram.com
www.facebook.com
www.tiktok.com

Subject Issuer	Validity	Valid
hespress.com E1	`2024-04-07` - `2024-07-06`	3 months	crt.sh
projectagora.net R3	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
palibzh.tech GTS CA 1P5	`2024-04-10` - `2024-07-09`	3 months	crt.sh
script.crazyegg.com E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://en.hespress.com/
Frame ID: 6511C44CB3304167AFFCAB7C43332E55
Requests: 66 HTTP requests in this frame

Frame: https://fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2061E6589CE4341C33D4FF7B47099629
Requests: 1 HTTP requests in this frame

Frame: https://fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 095A0ABD1456955CC7CAFABB834D2866
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10E0E342CC55F5EFE541E09EBC63C9F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HESPRESS English - Morocco News

Page URL History Show full URLs

http://en.hespress.com/ HTTP 307
https://en.hespress.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

69
Requests

99 %
HTTPS

68 %
IPv6

16
Domains

24
Subdomains

26
IPs

4
Countries

2788 kB
Transfer

6631 kB
Size

9
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://fr.hespress.com/

Search URL Search Domain Scan URL

URL: https://www.hespress.com/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/hespressenglish

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCv-PUx_WSQACDrtlkbaaTyA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hespresseng/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hespresseng/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@hespressenglish

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hespresseng

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://en.hespress.com/ HTTP 307
https://en.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
en.hespress.com/
Redirect Chain

http://en.hespress.com/
https://en.hespress.com/

91 KB
15 KB

359ms
255ms

Document
text/html

2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.13
Resource Hash: bf773a20e416bdb5f2ab725bdd6fe12c70124034b66f84ff55ff12cba7fec1d2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8887ae4d48b371cb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 May 2024 20:08:57 GMT
server: cloudflare
vary: Accept-Encoding
x-nginx-cache: HIT DE
x-powered-by: PHP/7.4.13

Redirect headers

Location: https://en.hespress.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 Hespress-Medium.woff
e1.hespress.com/wp-content/themes/hespress/fonts/ 34 KB
35 KB 208ms
84ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Apr 2024 10:00:56 GMT
server: cloudflare
age: 2965502
etag: W/"662240d8-89c8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8887ae5068ad30e4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-SemiBold.woff
e1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 247ms
123ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Apr 2024 10:00:56 GMT
server: cloudflare
age: 2965502
etag: W/"662240d8-8bd4"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8887ae5068ab30e4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-Bold.woff
e1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 206ms
82ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Apr 2024 10:00:56 GMT
server: cloudflare
age: 2965502
etag: W/"662240d8-8cc8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8887ae5068a830e4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 en.hespress.com.js Show response
pahtzh.tech/c/ 8 KB
3 KB 430ms
243ms Script
text/javascript 2a02:26f0:780::210:a459
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://pahtzh.tech/c/en.hespress.com.js
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a459 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d889d09b671fa1b3090c87310c8000382e1aade26a285a31f678b81f2e8a95af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpgkbCrBhebSLXDbrYkHgoizTTobe4fZenlMTgad_70sbPnHWG1MlF1LtISUm6OTz8j-UYyxJSEQA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2354
last-modified: Wed, 31 May 2023 07:08:11 GMT
server: UploadServer
etag: "7aa1e55a050a3c5b1df74803a6d8eddd"
vary: Accept-Encoding
x-goog-generation: 1685516891206752
content-type: text/javascript
content-language: en
x-goog-hash: crc32c=iFvMSg==, md5=eqHlWgUKPFsd90gDptjt3Q==
cache-control: private, max-age=14400
x-goog-stored-content-length: 2354
x-amz-checksum-crc32c: iFvMSg==
accept-ranges: bytes
expires: Fri, 24 May 2024 00:08:57 GMT

GET
H2 200 desktop_en.css
e1.hespress.com/wp-content/themes/hespressfr/css/ 355 KB
53 KB 116ms
103ms Stylesheet
text/css 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a233489f0901ee601d67becc2b3e2c9d11c4cdf571cf1d654d9906d3122b6f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 05 May 2024 20:11:00 GMT
server: cloudflare
age: 1554516
cf-polished: origSize=365791
etag: W/"6637e7d4-594df"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8887ae4fbc4b71cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 93 KB
29 KB 189ms
81ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4ad1c31254cecd75d47d782d9c01b2ab466d9e949fef18505d271e84ada34691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30047
x-xss-protection: 0
server: cafe
etag: 159 / 19866 / m202405200101 / config-hash: 5513061957688964879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 May 2024 20:08:57 GMT

GET
H2 200 fatima-zahra-ammor-hespress-4.webp
e1.hespress.com/wp-content/uploads/2024/05/ 27 KB
28 KB 100ms
87ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/fatima-zahra-ammor-hespress-4.webp
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adf3c9adf7c9e4fa976b4de7ab3453416a6eed665e39e7951290848679d21be0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 14:18:12 GMT
server: cloudflare
age: 14271
etag: "664f5024-6ddc"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae4fbc4f71cb-FRA
content-length: 28124
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.2.0/ 20 KB
7 KB 149ms
51ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 14:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6546
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 17:24:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 14:43:36 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.2.0/ 40 KB
11 KB 143ms
46ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10840
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 17:24:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 02:49:44 GMT

GET
H2 200 en.min.js Show response
e1.hespress.com/wp-content/themes/hespressfr/js/ 161 KB
54 KB 107ms
81ms Script
application/javascript 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.hespress.com/wp-content/themes/hespressfr/js/en.min.js?ver=6.50
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf78c422f0f057b98a3c7836e150922d68e0b4f7f6c77172762b906e7e95d168

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 05 May 2024 20:11:00 GMT
server: cloudflare
age: 1554685
etag: W/"6637e7d4-283ef"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8887ae50bda071cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vef91dfe02fce4ee0ad053f6de4f175db1715022073587 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 210ms
99ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.5.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8887ae516c71911e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 212 KB
76 KB 185ms
74ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64021d7d71537c0757688e64329f1a75da1b6917ab9acd484ef7196ad03c6dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77578
x-xss-protection: 0
last-modified: Thu, 23 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 May 2024 20:08:57 GMT

GET
H2 200 sprite.svg
en.hespress.com/wp-content/themes/hespressar/ 215 KB
54 KB 332ms
330ms Other
image/svg+xml 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.hespress.com/wp-content/themes/hespressar/sprite.svg?6.50
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Apr 2024 10:00:56 GMT
server: cloudflare
etag: W/"662240d8-35dcc"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=300
cf-ray: 8887ae50bda171cb-FRA
expires: Thu, 23 May 2024 20:13:57 GMT

GET
H2 200 sprite.svg
e1.hespress.com/wp-content/themes/hespressar/ 215 KB
53 KB 963ms
963ms Image
image/svg+xml 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.5
Requested by: Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 19 Apr 2024 10:00:56 GMT
server: cloudflare
etag: W/"662240d8-35dcc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 8887ae513e5a71cb-FRA
expires: Thu, 23 May 2024 20:13:57 GMT

GET
H2 200 placeholder.jpg
e1.hespress.com/wp-content/themes/hespress/img/ 5 KB
5 KB 84ms
58ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/themes/hespress/img/placeholder.jpg
Requested by: Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3b31dc7fd7f48aabf2dbd497b0244c947bb64b134255d4acd4bc404459d3112

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 89548
cf-polished: qual=85, origFmt=jpeg, origSize=20759
content-disposition: inline; filename="placeholder.webp"
content-length: 4762
cf-bgj: imgq:85,h2pri
last-modified: Thu, 06 May 2021 17:33:54 GMT
server: cloudflare
etag: "60942882-5117"
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae514e7371cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 34 KB
35 KB 107ms
96ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by: Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://e1.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
server: cloudflare
age: 6141924
etag: W/"6567ba7a-89c8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8887ae518aeb30e4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 105ms
95ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by: Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://e1.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
server: cloudflare
age: 6141924
etag: W/"6567ba7a-8cc8"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8887ae518ae030e4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 35 KB
35 KB 150ms
139ms Font
application/font-woff 2606:4700::6812:16c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by: Host: e1.hespress.com
URL: https://e1.hespress.com/wp-content/themes/hespressfr/css/desktop_en.css?ver=6.50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://e1.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 22:26:02 GMT
server: cloudflare
age: 6145762
etag: W/"6567ba7a-8bd4"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8887ae518ae730e4-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AFP__20170619__widak-dailylif170619_npN87__v1__HighRes__DailyLifeInFesMedinaDuringRa-scaled-e1716464053988.jpg
e1.hespress.com/wp-content/uploads/2024/05/ 50 KB
51 KB 133ms
129ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/AFP__20170619__widak-dailylif170619_npN87__v1__HighRes__DailyLifeInFesMedinaDuringRa-scaled-e1716464053988.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e29e30d7f5174a2fd0dcf83bddd48c1e53cbb948e50432862f500d6debae00

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 30464
cf-polished: qual=85, origFmt=jpeg, origSize=67200
content-disposition: inline; filename="AFP__20170619__widak-dailylif170619_npN87__v1__HighRes__DailyLifeInFesMedinaDuringRa-scaled-e1716464053988.webp"
content-length: 51444
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 May 2024 11:34:13 GMT
server: cloudflare
etag: "664f29b5-10680"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ebd71cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 WhatsApp-Image-2024-05-22-at-18.23.49-900x600.jpeg
e1.hespress.com/wp-content/uploads/2024/05/ 35 KB
35 KB 131ms
127ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/WhatsApp-Image-2024-05-22-at-18.23.49-900x600.jpeg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb8380c474d86251d2bb46fea22074992ca2ebd215f464f99891d3b7a109457

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 92544
cf-polished: qual=85, origFmt=jpeg, origSize=54362
content-disposition: inline; filename="WhatsApp-Image-2024-05-22-at-18.webp"
content-length: 35634
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 May 2024 18:10:14 GMT
server: cloudflare
etag: "664e3506-d45a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ec071cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jouahri-Integration-economique-en-Afrique.webp
e1.hespress.com/wp-content/uploads/2024/05/ 31 KB
31 KB 84ms
80ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/jouahri-Integration-economique-en-Afrique.webp
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18b20477a6fee468abc4da6c7f3a052cb1e3784fd634f015e41bec3e07004687

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
last-modified: Wed, 22 May 2024 14:29:28 GMT
server: cloudflare
age: 104760
etag: "664e0148-7d1e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ec471cb-FRA
content-length: 32030
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nabil-aayouch.webp
e1.hespress.com/wp-content/uploads/2024/05/ 49 KB
49 KB 129ms
126ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/nabil-aayouch.webp
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b395993c5b33da85956bbf185d8f28ca1f6c87a470de53d30b4036f59bb42869

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
last-modified: Wed, 22 May 2024 11:41:06 GMT
server: cloudflare
age: 116632
etag: "664dd9d2-c4d4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ec671cb-FRA
content-length: 50388
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20230926-WA0003.jpg
e1.hespress.com/wp-content/uploads/2023/09/ 27 KB
28 KB 131ms
128ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2023/09/IMG-20230926-WA0003.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8381d5273b2e303974684b850c7eb39221fc64d33c63d267678c777b20f1d213

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 102707
cf-polished: qual=85, origFmt=jpeg, origSize=35198
content-disposition: inline; filename="IMG-20230926-WA0003.webp"
content-length: 27994
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Sep 2023 10:07:39 GMT
server: cloudflare
etag: "6513feeb-897e"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ec971cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 soufian-el-bakkali.webp
e1.hespress.com/wp-content/uploads/2023/08/ 37 KB
37 KB 146ms
143ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2023/08/soufian-el-bakkali.webp
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee9bd6d9024db6023c458668640f2e16afc3c8dc7eeb03458d8976bf939eb694

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
last-modified: Tue, 22 Aug 2023 22:01:04 GMT
server: cloudflare
age: 191561
etag: "64e53020-94c4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ecb71cb-FRA
content-length: 38084
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rsb-berkane-1.webp
e1.hespress.com/wp-content/uploads/2024/05/ 80 KB
80 KB 84ms
81ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/rsb-berkane-1.webp
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4c4e8f7d605f2666cbe452e63241549a301836baa8209786a3c801d4c87366c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
last-modified: Sun, 19 May 2024 19:39:37 GMT
server: cloudflare
age: 346937
etag: "664a5579-14116"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae518ecc71cb-FRA
content-length: 82198
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 abou-trika.jpg
e1.hespress.com/wp-content/uploads/2024/05/ 81 KB
82 KB 155ms
153ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/abou-trika.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6004987e252bb061ae676430eace5e96a1bf2b217179bad6262006edf970d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 426662
cf-polished: qual=85, origFmt=jpeg, origSize=84848
content-disposition: inline; filename="abou-trika.webp"
content-length: 83236
cf-bgj: imgq:85,h2pri
last-modified: Sat, 18 May 2024 13:36:42 GMT
server: cloudflare
etag: "6648aeea-14b70"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af0071cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 napkin-900x600.jpeg
e1.hespress.com/wp-content/uploads/2024/05/ 23 KB
23 KB 154ms
152ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/napkin-900x600.jpeg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe7fb5a77ccb90fab379ceb0003abd243c1782b02e41b1e8672c2143f7dfedb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 465451
cf-polished: qual=85, origFmt=jpeg, origSize=39897
content-disposition: inline; filename="napkin-900x600.webp"
content-length: 23218
cf-bgj: imgq:85,h2pri
last-modified: Sat, 18 May 2024 10:03:33 GMT
server: cloudflare
etag: "66487cf5-9bd9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af0671cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bourita-Samantha-Power.jpg
e1.hespress.com/wp-content/uploads/2024/05/ 142 KB
142 KB 155ms
153ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/bourita-Samantha-Power.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a507f3d3e3d56e4180b5c87407d8e9977a34c440e4842cedf6712624ea75077

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 85076
cf-polished: degrade=85, origSize=147316, status=webp_bigger
content-length: 145039
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 May 2024 20:24:14 GMT
server: cloudflare
etag: "664e546e-23f74"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af0971cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dam-900x600.jpg
e1.hespress.com/wp-content/uploads/2022/03/ 73 KB
73 KB 155ms
153ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2022/03/dam-900x600.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 534be0afa9d11f8fed7089315ffeedfe6880d9b962a36171b2d9ffe891141771

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 87938
cf-polished: qual=85, origFmt=jpeg, origSize=95573
content-disposition: inline; filename="dam-900x600.webp"
content-length: 74410
cf-bgj: imgq:85,h2pri
last-modified: Wed, 02 Mar 2022 11:55:36 GMT
server: cloudflare
etag: "621f5b38-17555"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af0c71cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SEISMEMARRAKECH.jpg
e1.hespress.com/wp-content/uploads/2023/09/ 101 KB
101 KB 154ms
152ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2023/09/SEISMEMARRAKECH.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f060e43ac50c987e49cf5cdc035e2c86b2c2bad80aa558fb8f5cbdb7319af80

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 126100
cf-polished: degrade=85, origSize=103734, status=webp_bigger
content-length: 102953
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Sep 2023 16:35:23 GMT
server: cloudflare
etag: "6501e4cb-19536"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af0d71cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AFP__20240517__34RZ8U9__v2__HighRes__FashionSaudiYasminaQ-scaled-e1716116507387.jpg
e1.hespress.com/wp-content/uploads/2024/05/ 73 KB
73 KB 153ms
152ms Image
image/webp 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/AFP__20240517__34RZ8U9__v2__HighRes__FashionSaudiYasminaQ-scaled-e1716116507387.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a7893860391078aac39926312e32ffa62a95211de1e9a5f1cedafa8be75e28

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 335091
cf-polished: qual=85, origFmt=jpeg, origSize=87093
content-disposition: inline; filename="AFP__20240517__34RZ8U9__v2__HighRes__FashionSaudiYasminaQ-scaled-e1716116507387.webp"
content-length: 74668
cf-bgj: imgq:85,h2pri
last-modified: Sun, 19 May 2024 11:01:47 GMT
server: cloudflare
etag: "6649dc1b-15435"
vary: Accept
content-type: image/webp
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af1271cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 New-Pipeline-in-CMC-scaled-e1629468671411.jpeg
e1.hespress.com/wp-content/uploads/2021/08/ 98 KB
99 KB 154ms
153ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2021/08/New-Pipeline-in-CMC-scaled-e1629468671411.jpeg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29dd57bff1c79675e7fc695b20ee487c4b939eeb9d8fafe4b12c8ed8bac1a50d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 92617
cf-polished: degrade=85, origSize=111509, status=webp_bigger
content-length: 100816
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Aug 2021 14:11:11 GMT
server: cloudflare
etag: "611fb7ff-1b395"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af1571cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AFP__20050421__9260-14__v1__HighRes__FesSoukDjedid-900x600.jpg
e1.hespress.com/wp-content/uploads/2024/05/ 128 KB
128 KB 154ms
153ms Image
image/jpeg 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.hespress.com/wp-content/uploads/2024/05/AFP__20050421__9260-14__v1__HighRes__FesSoukDjedid-900x600.jpg
Requested by: Host: en.hespress.com
URL: https://en.hespress.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4de9e9bd7401ae039679226c0ac9de3e45f5d972a09d9f111cef458939655a0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:57 GMT
cf-cache-status: HIT
age: 166702
cf-polished: degrade=85, origSize=154442, status=webp_bigger
content-length: 130692
cf-bgj: imgq:85,h2pri
last-modified: Tue, 21 May 2024 21:39:46 GMT
server: cloudflare
etag: "664d14a2-25b4a"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *.hespress.com
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8887ae51af1671cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/ 453 KB
141 KB 55ms
42ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

adaeefa326020cb39ba8c7de0a79d6daab058939b95cc3db3fa3d46c67821fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 267
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 144704
x-xss-protection: 0
server: cafe
etag: 14917180474181173892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 May 2025 20:04:30 GMT

GET
H3 200 projectagora.min.js Show response
palibzh.tech/libs/ 379 KB
106 KB 140ms
66ms Script
application/javascript 172.67.138.21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://palibzh.tech/libs/projectagora.min.js
Requested by: Host: pahtzh.tech
URL: https://pahtzh.tech/c/en.hespress.com.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.138.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe5093b9715be664c2d990e74b78cf4e17fd43d326efe4edd57c0331ced16cb7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:58 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7FCRJ260PG14QJMC
age: 3696
x-amz-server-side-encryption: AES256
x-amz-meta-version: 3.26.2
alt-svc: h3=":443"; ma=86400
content-length: 108172
x-amz-id-2: CWXC6ZDp3BmPUPziDR2u/mmeoGR2IizUYBaE/dABp+4RihCD/nMGcgJba2+jxhhZZUYjoc5BBgIg/G1+w6SDxg==
last-modified: Wed, 22 May 2024 09:06:13 GMT
server: cloudflare
etag: "ab01f6c5749c4dd79df5ac34c8581f87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qv%2B53t%2FJDAZrdGya3ZHPLSafZbsBMY7W4huNYx1Z0fkyzuXiZeHYiI5Xnt8PvvZ8UQaAGTzq5GcJTxPspTDOO2N0xs1gZMi%2FM%2FXi%2FNB18pbbxk3ukA8aDNwODQkHui8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8887ae53093b2c1e-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 367 KB
119 KB 112ms
71ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KT9208VCT6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d017a098ef702a865f75d1f6c5488e0004344339347c133c2711c256d39f9d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 121821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 May 2024 20:08:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 407ms
40ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 May 2024 19:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1675
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 23 May 2024 21:41:03 GMT

GET
H2 410 6392.js
script.crazyegg.com/pages/scripts/0123/ 0
0 173ms
53ms Script
application/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0123/6392.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L4RVCK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:58 GMT
cf-cache-status: HIT
last-modified: Thu, 23 May 2024 14:36:15 GMT
server: cloudflare
age: 19963
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 8887ae539be29f18-FRA
content-length: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 36 KB
14 KB 509ms
419ms Fetch
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=203670431200812&correlator=735509040099480&eid=31081974%2C31078668&output=ldjh&gdfp_req=1&vrg=202405200101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=153418548%2Cpave_hespress_fr%2Cmega_hespress_fr%2Ccode_hespress_fr&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C300x250%2C320x50%7C970x250%7C970x90%7C728x90%2C1x1&fluid=height%2Cheight%2C0&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1716494938190&lmt=1716494938&adxs=-9%2C315%2C-12245933&adys=-9%2C144%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuNzYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyNS4wLjY0MjIuNzYiXSxbIkNocm9taXVtIiwiMTI1LjAuNjQyMi43NiJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fen.hespress.com%2F&vis=1&psz=0x-1%7C1366x0%7C1600x3622&msz=0x-1%7C970x0%7C0x-1&fws=2%2C4%2C128&ohw=0%2C1366%2C0&ga_vid=1662765356.1716494938&ga_sid=1716494938&ga_hid=1448826657&ga_fc=false&nt=1&psd=WzIsbnVsbCxudWxsLDNd&dlt=1716494937407&idt=761&adks=1628911327%2C4028731137%2C1696781711&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

704a3df48ad5e30e60869de329408589b4e50294a3b6d4d91d903543f4687f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14466
x-xss-protection: 0
google-lineitem-id: -2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://en.hespress.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2061 0
0 168ms
52ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://en.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 20:08:58 GMT
expires: Fri, 23 May 2025 20:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 147ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KT9208VCT6&gtm=45je45m0v886100022z8845937523za200zb845937523&_p=1716494937684&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1662765356.1716494938&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716494938&sct=1&seg=0&dl=https%3A%2F%2Fen.hespress.com%2F&dt=HESPRESS%20English%20-%20Morocco%20News&en=page_view&_fv=1&_ss=2&tfd=1272
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT9208VCT6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 20:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 161ms
51ms Ping
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KT9208VCT6&cid=1662765356.1716494938&gtm=45je45m0v886100022z8845937523za200zb845937523&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT9208VCT6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 20:08:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 118ms
66ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KT9208VCT6&cid=1662765356.1716494938&gtm=45je45m0v886100022z8845937523za200zb845937523&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=920584571

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 20:08:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 48ms
47ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1448826657&t=pageview&_s=1&dl=https%3A%2F%2Fen.hespress.com%2F&ul=de-de&de=UTF-8&dt=HESPRESS%20English%20-%20Morocco%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=345346030&gjid=1663543617&cid=1662765356.1716494938&tid=UA-1423316-19&_gid=1504255378.1716494938&_r=1&_slc=1&gtm=45He45m0n815L4RVCKv845937523za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=1302066635

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 May 2024 20:08:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c1d::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1423316-19&cid=1662765356.1716494938&jid=345346030&gjid=1663543617&_gid=1504255378.1716494938&npa=1&_u=YADAAAAAAAAAAC~&z=407120096

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 23 May 2024 20:08:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.hespress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/enhespressmena-p23922933/ 199 KB
47 KB 348ms
249ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/enhespressmena-p23922933/loader.js
Requested by: Host: palibzh.tech
URL: https://palibzh.tech/libs/projectagora.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a04538346a00b049fdfea3042864813d06f27d5382dea3e09ff53f028e9ffc68

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: TWe3Hu3r8tplEJO3F9cNkEAfmmYF0__3
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 May 2024 20:08:58 GMT
x-amz-request-id: RZT3XDX3H2CJP876
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 47555
x-amz-id-2: Ype67cHxtCdi0JYQQo029U+/pafDcpXNTUeI0hkR5w0J0s1bvazQtPVnV7Rycy1eE75z1VqeDJE=
x-served-by: cache-fra-etou8220033-FRA
last-modified: Wed, 01 May 2024 13:20:07 GMT
server: AmazonS3
x-timer: S1716494939.648681,VS0,VE208
etag: "105226858386b21291da0875fdac1928"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 176ms
87ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1423316-19&cid=1662765356.1716494938&jid=345346030&npa=1&_u=YADAAAAAAAAAAC~&z=2001224983

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 20:08:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 65ms
64ms Image
image/gif 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1423316-19&cid=1662765356.1716494938&jid=345346030&npa=1&_u=YADAAAAAAAAAAC~&z=2001224983

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 23 May 2024 20:08:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 095A 0
0 1ms
1ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://en.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 20:08:58 GMT
expires: Fri, 23 May 2025 20:08:58 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 impl.20240501-14-RELEASE.js Show response
cdn.taboola.com/libtrc/ 895 KB
182 KB 42ms
42ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20240501-14-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/enhespressmena-p23922933/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4f05d3fd1d449339620ac8db820125dd2aa778bd8eefbfec55a200d28f45f264

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ooN5pyMbJJoYNKKsRcy4Kz5_KyjUG41s
content-encoding: br
via: 1.1 varnish
date: Thu, 23 May 2024 20:08:58 GMT
x-amz-request-id: G744YP2NDGG1TRT7
age: 16666
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 185778
x-amz-id-2: u4q5e5+53ot0RAVU4/fcLacNB9Ute8xNUzctZD+Vlf3oTgFL9b1HtfLAXg5ho6kTv2B4iad54GQ=
x-served-by: cache-fra-etou8220033-FRA
last-modified: Wed, 01 May 2024 11:01:55 GMT
server: AmazonS3-br
x-timer: S1716494939.956023,VS0,VE0
etag: "251e2ddbcfcb2ede0c83eb9a23694fdd"
vary: Accept-Encoding
content-type: application/javascript
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 14

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 315ms
42ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240501-14-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 433090
expires: 60

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 171ms
89ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Requested by

Host: en.hespress.com
URL: https://en.hespress.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

58207e4d0e8a45ef1b33f479ddc2b5da6bd1e18313a480a88fbb3487ebfd69ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51569
x-xss-protection: 0
server: cafe
etag: 16653491705218855416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 23 May 2024 20:08:59 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 89ms
88ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6e08142708f5f5ffa3433477d908308442d4d90283b96cccecc73d647fdd91e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12663
x-xss-protection: 0

POST
H2 204 rum Show response
en.hespress.com/cdn-cgi/ 0
204 B 49ms
48ms XHR
text/plain 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://en.hespress.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://en.hespress.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8887ae5c6deb71cb-FRA

GET
H2 200 favicon-en.ico
e1.hespress.com/wp-content/themes/hespressfr/icons/ 9 KB
770 B 63ms
63ms Other
image/x-icon 2606:4700::6812:17c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e1.hespress.com/wp-content/themes/hespressfr/icons/favicon-en.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30fda957bd803516abb85f5c52609516c9388913858a93cc45cb62426264719

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Apr 2024 10:00:56 GMT
server: cloudflare
age: 2965502
etag: W/"662240d8-25be"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=315360000
cf-ray: 8887ae5c6ded71cb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 141ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 May 2024 20:08:59 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405200101/ 416 KB
140 KB 119ms
119ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=en.hespress.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0906a3cef08c5175fa71687ed72da10e0c0d8abe125e94c532d5160b02d67b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143757
x-xss-protection: 0
server: cafe
etag: 16113773124309610873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 May 2024 20:08:59 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10E0 0
0 39ms
39ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://en.hespress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 2397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 May 2024 19:29:02 GMT
expires: Fri, 23 May 2025 19:29:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-9809098668305457 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 166ms
74ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?href=https%3A%2F%2Fen.hespress.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=en.hespress.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43b967db52d4d3fc8ad7c48202880a2593c9151dfaf5217d4603f5d3b2994dcb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-z6tEazyeGAum0WUQbfrMQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:09:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-z6tEazyeGAum0WUQbfrMQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7NfZP0PxELcHHeO7NvEJnCib3aIkkZSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRvJGBkYmBqZGRnoFRfIEBAExnQx8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUgrRjYgIPBod9uaEDnml6pP6y-UV8cyWsT973fINqkgpx-yP4onvmIYV12Fc1jYIHY-ZFVBSrYwcg0sbOvFzOi2OkzLWiBPJea5ytzZxDbOdlHRfrJrKaIj0jjwz5ADJmFSivi Show response
fundingchoicesmessages.google.com/f/ 425 KB
62 KB 145ms
144ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUgrRjYgIPBod9uaEDnml6pP6y-UV8cyWsT973fINqkgpx-yP4onvmIYV12Fc1jYIHY-ZFVBSrYwcg0sbOvFzOi2OkzLWiBPJea5ytzZxDbOdlHRfrJrKaIj0jjwz5ADJmFSivi?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2NDk0OTQwLDI5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9lbi5oZXNwcmVzcy5jb20vIixudWxsLFtbOCwicTl0bkl5SW14Q2siXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.q9tnIyImxCk.es5.O/am=AgM/d=1/rs=AJlcJMxkkNvgKBbuz5NvUu_twxCDXIVPmQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a632ed20c75a1245a2b79c850554a9805779d3d319740b05b4f812da5df4f708

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P5xdqRPr0EZ9bYJWItq0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:09:00 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-P5xdqRPr0EZ9bYJWItq0HQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7FfZP0HxEI8HHeO7NvEJjDh05zDjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqZGRnoGRvEFBgCdRUO9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 150ms
58ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.q9tnIyImxCk.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzKmT9gZmrjR-96xHhKNytAbq6lww/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 May 2024 20:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 May 2024 20:09:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 May 2024 20:09:00 GMT

GET
H2 200 jIJQpCnTGCE6uha1pG9hv6VxPTXyeI1HGkC7tm0DqnB4Y-zBug05s4X4fa2IO_I3Zs9PxsLZ9JSiFxG0EWLSIE7R43bxC1qINZ9wZhpvdgDdgea0xW9p=h60
lh3.googleusercontent.com/ 6 KB
7 KB 128ms
40ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/jIJQpCnTGCE6uha1pG9hv6VxPTXyeI1HGkC7tm0DqnB4Y-zBug05s4X4fa2IO_I3Zs9PxsLZ9JSiFxG0EWLSIE7R43bxC1qINZ9wZhpvdgDdgea0xW9p=h60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

809a2c6a57e1191dcc96582e78eb59235b7f2db537e91cdf91ecf1dd541e5cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 20:03:52 GMT
x-content-type-options: nosniff
age: 308
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6443
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 24 May 2024 20:03:52 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 136ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 508984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 May 2025 22:45:56 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 671ms
575ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 19:45:43 GMT
x-content-type-options: nosniff
age: 260597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 May 2025 19:45:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
0 136ms
136ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://en.hespress.com/
Origin: https://en.hespress.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 22:45:56 GMT
x-content-type-options: nosniff
age: 508984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 May 2025 22:45:56 GMT

POST
H3 204 AGSKWxX83WC0TZhcyAOSG-xvfoWxH4zVnlAJXJUE5Jm5cUppw8eWSW3ZPbDYmB6fSKKYCv1tMa0H8zYL1LTEQF7fQEER59eUelQnr9AuuAHNr0m5BdxYHIMMV9aUdPBKEVn3yAcwYBTq Show response
fundingchoicesmessages.google.com/el/ 0
29 B 137ms
56ms XHR
text/html 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX83WC0TZhcyAOSG-xvfoWxH4zVnlAJXJUE5Jm5cUppw8eWSW3ZPbDYmB6fSKKYCv1tMa0H8zYL1LTEQF7fQEER59eUelQnr9AuuAHNr0m5BdxYHIMMV9aUdPBKEVn3yAcwYBTq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AxVlc6THy2WobrUc1AWmBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 20:09:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-AxVlc6THy2WobrUc1AWmBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw15BicEqfwRoCxEI8HHeO7NvEJrCh7c4JJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqZKRnYBJfYAAAzfki0w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://en.hespress.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX83WC0TZhcyAOSG-xvfoWxH4zVnlAJXJUE5Jm5cUppw8eWSW3ZPbDYmB6fSKKYCv1tMa0H8zYL1LTEQF7fQEER59eUelQnr9AuuAHNr0m5BdxYHIMMV9aUdPBKEVn3yAcwYBTq

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fYhTf17xjEFR-GGi8OeOYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://en.hespress.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 May 2024 20:09:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-fYhTf17xjEFR-GGi8OeOYQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw05BicEqfwRoCxEI8HHeO7NvEJrBj5e8zTEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUyEjPwCS-wAAA5AYjIA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://en.hespress.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405200101&jk=203670431200812&bg=!oKOlo-zNAAaTdHvKs3Q7ADQBe5WfOBiCvmpBaPYROEjuc_rRLwxHP61hO9Dan91Sy0vR8pNl1RmwiNF3sMcP-zr7WSGQAgAAAD1SAAAAAmgBB34ANfZskI4XnKLsDAytLDFciQN_qB-U6CPKDsyqGs6D4Jxnk8EAm5kA6qByN34BmaixZAGsYUMbmQKWOMcj-g9uDNuEN3ldE3qBFZKk7cUB_E2zTqT911sjkO9NTNOTUty-42jgHSE7WrJrc335b4FPhW5pufnBThHEs7Xt4kQ0c_6Z6IklheTQ8TOb9Urf2xHYyX-v8Nm__kadmK46At9vPsMKS2AQma96HQD4TYfp5nOJeBUOUtjcYk3i1hS-4QZez7jkW2oLrzFWwpMHRVy0u6PL36cyNtimD6mfzjHu6iciAnufrIO81AMtoe7KwFG6KQogtSWTgkjt3ThTX2JEpnrUUPuSmpml94EjGP8lzIaOCDfeip6_ktxPURTZZrBg-wqyAE8xyNpn5leu84RefM4-UFPUSJ0Y67hqSLoYUUmSUUXJ56IWmQn-QAmmaAoQ4h0erKLiWVJGyvuAtxbBoeJxuP4RypWzi3oaZSK53DSeVTuQlAsoB475Y7WXVaSJhhWP2e-5Z1x6BKsDycJlhFNu3Am1ogMzmgkZoOrHEdchq2_RFI5ztgKczxtE-LQXcZyeKglXY0U2dZlYpX14PbqadXsM-eFJfTwHJW44Mncg0dUPUGU7itzQUZ3NT-Em_sCwTYOSsDdscjlpgvFOcCfukjlmyBTSaqTCB66Jl50m8COXA-7G8odsGnJWhhFGYA7zWTs0I55e935sn9Ay_q87or6SW8Plda60N2FtsD-7fGFkxvk3B31wXcL0bfOCWwjAlxYi2Xbg4jR1wKumQWXb1Qokozw9QgT-2DXbyirhITc4RVALsfoMsi4wJcoAgpmm6AN4BKnr-sSyuSYw5U9JQV_96xRVqR7bPn1g6AOI3c0O6SgZM1i1_OWWatvMsMnKRexFdyCEMypGxn0kOIIsgcZ9gFnPr_KVei06-X88nOM07tity97v-BUhcac

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hespress.com/	1970-01-21 06:24:14	Name: _ga Value: GA1.1.1662765356.1716494938
.hespress.com/	1970-01-20 22:57:50	Name: _gcl_au Value: 1.1.883573344.1716494938
.en.hespress.com/	1970-01-21 06:24:14	Name: _ga Value: GA1.3.1662765356.1716494938
.en.hespress.com/	1970-01-20 20:49:41	Name: _gid Value: GA1.3.1504255378.1716494938
.en.hespress.com/	1970-01-20 20:48:14	Name: _gat_UA-1423316-19 Value: 1
.hespress.com/	1970-01-21 01:07:26	Name: __eoi Value: ID=9239b52a30d5df35:T=1716494938:RT=1716494938:S=AA-AfjYuUCKOEWHdV6SPIj5Q3yQr
.hespress.com/	1970-01-21 06:24:14	Name: _ga_KT9208VCT6 Value: GS1.1.1716494938.1.0.1716494938.60.0.0
.criteo.com/	1970-01-21 06:09:50	Name: receive-cookie-deprecation Value: 1
measurement-api.criteo.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://script.crazyegg.com/pages/scripts/0123/6392.js Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://en.hespress.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.taboola.com
e1.hespress.com
en.hespress.com
fc2de15e3c2d90828a2981f1addbbf64.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gum.criteo.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahtzh.tech
palibzh.tech
region1.analytics.google.com
script.crazyegg.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
142.250.184.193
142.250.184.226
142.250.186.163
151.101.129.44
172.217.16.194
172.67.138.21
2001:4860:4802:32::36
2001:4860:4802:36::178
216.58.206.68
216.58.212.142
2606:4700::6810:4f49
2606:4700::6812:16c4
2606:4700::6812:17c4
2606:4700::6813:9308
2a00:1450:4001:801::2003
2a00:1450:4001:806::2001
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c1d::9c
2a02:2638:3::c
2a02:26f0:780::210:a459
0906a3cef08c5175fa71687ed72da10e0c0d8abe125e94c532d5160b02d67b6e
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18b20477a6fee468abc4da6c7f3a052cb1e3784fd634f015e41bec3e07004687
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
29dd57bff1c79675e7fc695b20ee487c4b939eeb9d8fafe4b12c8ed8bac1a50d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41a233489f0901ee601d67becc2b3e2c9d11c4cdf571cf1d654d9906d3122b6f
43b967db52d4d3fc8ad7c48202880a2593c9151dfaf5217d4603f5d3b2994dcb
4ad1c31254cecd75d47d782d9c01b2ab466d9e949fef18505d271e84ada34691
4f05d3fd1d449339620ac8db820125dd2aa778bd8eefbfec55a200d28f45f264
534be0afa9d11f8fed7089315ffeedfe6880d9b962a36171b2d9ffe891141771
58207e4d0e8a45ef1b33f479ddc2b5da6bd1e18313a480a88fbb3487ebfd69ae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64021d7d71537c0757688e64329f1a75da1b6917ab9acd484ef7196ad03c6dc8
6a507f3d3e3d56e4180b5c87407d8e9977a34c440e4842cedf6712624ea75077
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
6e08142708f5f5ffa3433477d908308442d4d90283b96cccecc73d647fdd91e9
704a3df48ad5e30e60869de329408589b4e50294a3b6d4d91d903543f4687f69
73a7893860391078aac39926312e32ffa62a95211de1e9a5f1cedafa8be75e28
809a2c6a57e1191dcc96582e78eb59235b7f2db537e91cdf91ecf1dd541e5cdc
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8381d5273b2e303974684b850c7eb39221fc64d33c63d267678c777b20f1d213
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
9f060e43ac50c987e49cf5cdc035e2c86b2c2bad80aa558fb8f5cbdb7319af80
9fb8380c474d86251d2bb46fea22074992ca2ebd215f464f99891d3b7a109457
a04538346a00b049fdfea3042864813d06f27d5382dea3e09ff53f028e9ffc68
a3b31dc7fd7f48aabf2dbd497b0244c947bb64b134255d4acd4bc404459d3112
a632ed20c75a1245a2b79c850554a9805779d3d319740b05b4f812da5df4f708
adaeefa326020cb39ba8c7de0a79d6daab058939b95cc3db3fa3d46c67821fa6
adf3c9adf7c9e4fa976b4de7ab3453416a6eed665e39e7951290848679d21be0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b395993c5b33da85956bbf185d8f28ca1f6c87a470de53d30b4036f59bb42869
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
b7e29e30d7f5174a2fd0dcf83bddd48c1e53cbb948e50432862f500d6debae00
bf773a20e416bdb5f2ab725bdd6fe12c70124034b66f84ff55ff12cba7fec1d2
bf78c422f0f057b98a3c7836e150922d68e0b4f7f6c77172762b906e7e95d168
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
d017a098ef702a865f75d1f6c5488e0004344339347c133c2711c256d39f9d34
d889d09b671fa1b3090c87310c8000382e1aade26a285a31f678b81f2e8a95af
dbe7fb5a77ccb90fab379ceb0003abd243c1782b02e41b1e8672c2143f7dfedb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4de9e9bd7401ae039679226c0ac9de3e45f5d972a09d9f111cef458939655a0
ee9bd6d9024db6023c458668640f2e16afc3c8dc7eeb03458d8976bf939eb694
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30fda957bd803516abb85f5c52609516c9388913858a93cc45cb62426264719
f4c4e8f7d605f2666cbe452e63241549a301836baa8209786a3c801d4c87366c
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fa6004987e252bb061ae676430eace5e96a1bf2b217179bad6262006edf970d7
fe5093b9715be664c2d990e74b78cf4e17fd43d326efe4edd57c0331ced16cb7

en.hespress.com Open in urlscan Pro 2606:4700::6812:17c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

68 %IPv6

16 Domains

24 Subdomains

26 IPs

4 Countries

2788 kBTransfer

6631 kBSize

9 Cookies

8 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

en.hespress.com Open in urlscan Pro
2606:4700::6812:17c4 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

68 %
IPv6

16
Domains

24
Subdomains

26
IPs

4
Countries

2788 kB
Transfer

6631 kB
Size

9
Cookies

69 HTTP transactions
0 data transactions