Submitted URL: http://apyether.com/
Effective URL: https://www.hespress.com/
Submission: On May 15 via api from US — Scanned from NL

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 76 HTTP transactions. The main IP is 104.18.23.196, located in and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 533507.
TLS certificate: Issued by E1 on April 7th 2024. Valid for: 3 months.
This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 172.67.164.162 13335 (CLOUDFLAR...)
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 39 104.18.23.196 13335 (CLOUDFLAR...)
1 172.67.181.58 13335 (CLOUDFLAR...)
2 142.250.185.130 15169 (GOOGLE)
2 142.250.181.227 15169 (GOOGLE)
1 104.16.80.73 13335 (CLOUDFLAR...)
4 142.250.181.232 15169 (GOOGLE)
1 172.67.138.21 13335 (CLOUDFLAR...)
6 216.58.206.34 15169 (GOOGLE)
2 142.250.185.161 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
1 216.239.34.36 15169 (GOOGLE)
1 142.251.173.157 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 157.240.252.35 32934 (FACEBOOK)
2 142.250.184.193 15169 (GOOGLE)
4 142.250.185.174 15169 (GOOGLE)
1 216.58.206.42 15169 (GOOGLE)
1 216.58.206.65 15169 (GOOGLE)
3 172.217.23.99 15169 (GOOGLE)
76 20
Apex Domain
Subdomains
Transfer
39 hespress.com
hespress.com — Cisco Umbrella Rank: 340156
www.hespress.com — Cisco Umbrella Rank: 533507
i1.hespress.com — Cisco Umbrella Rank: 483971
2 MB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
224 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
124 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
191 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
420 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
171 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 44
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
274 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 66024
106 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 pahter.tech
pahter.tech — Cisco Umbrella Rank: 503791
3 KB
1 aethevents.org
aethevents.org
628 B
1 apyindustries.com
apyindustries.com
525 B
1 apyether.com
apyether.com
525 B
76 17
Domain Requested by
34 i1.hespress.com www.hespress.com
i1.hespress.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.hespress.com
pagead2.googlesyndication.com
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 www.googletagmanager.com www.hespress.com
www.googletagmanager.com
4 www.hespress.com www.hespress.com
i1.hespress.com
static.cloudflareinsights.com
3 fonts.gstatic.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 connect.facebook.net www.hespress.com
connect.facebook.net
2 da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.gstatic.com www.hespress.com
2 securepubads.g.doubleclick.net www.hespress.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 www.facebook.com www.hespress.com
1 www.google.de www.hespress.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 palibzh.tech pahter.tech
1 static.cloudflareinsights.com www.hespress.com
1 pahter.tech www.hespress.com
1 hespress.com 1 redirects
1 aethevents.org 1 redirects
1 apyindustries.com 1 redirects
1 apyether.com 1 redirects
76 24
Subject Issuer Validity Valid
hespress.com
E1
2024-04-07 -
2024-07-06
3 months crt.sh
pahter.tech
GTS CA 1P5
2024-04-15 -
2024-07-14
3 months crt.sh
*.g.doubleclick.net
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-05-08 -
2024-08-06
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
palibzh.tech
GTS CA 1P5
2024-04-10 -
2024-07-09
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-23 -
2024-05-23
3 months crt.sh
*.google.de
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.googleusercontent.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.hespress.com/
Frame ID: 9570119CB0A779F32533F5CB3E57F87B
Requests: 73 HTTP requests in this frame

Frame: https://da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1792B24DD6442E88952DE7B860A1D94F
Requests: 1 HTTP requests in this frame

Frame: https://da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD42F46E1BC7DEB28171E9F252B22391
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B4143E296E14D653040217D2B807B245
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Page URL History Show full URLs

  1. http://apyether.com/ HTTP 307
    https://apyether.com/ HTTP 307
    https://apyindustries.com/ HTTP 307
    https://aethevents.org/ HTTP 307
    https://hespress.com/ HTTP 301
    https://www.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

76
Requests

97 %
HTTPS

0 %
IPv6

17
Domains

24
Subdomains

20
IPs

4
Countries

3212 kB
Transfer

7122 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://apyether.com/ HTTP 307
    https://apyether.com/ HTTP 307
    https://apyindustries.com/ HTTP 307
    https://aethevents.org/ HTTP 307
    https://hespress.com/ HTTP 301
    https://www.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.hespress.com/
Redirect Chain
  • http://apyether.com/
  • https://apyether.com/
  • https://apyindustries.com/
  • https://aethevents.org/
  • https://hespress.com/
  • https://www.hespress.com/
244 KB
29 KB
Document
General
Full URL
https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
17178deeeb1c0c6a7094aeebffbc414fbdcd2e1a5d0be3d6799a247d77c93c97

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
22
cf-cache-status
HIT
cf-ray
88463e8f58e20c15-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 15 May 2024 21:33:05 GMT
last-modified
Wed, 15 May 2024 21:32:43 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache
HIT NL
x-powered-by
PHP/7.4.13

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
88463e8e18740c15-AMS
content-type
text/html
date
Wed, 15 May 2024 21:33:05 GMT
location
https://www.hespress.com/
server
cloudflare
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/
34 KB
35 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
5455926
etag
W/"6567ba7a-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
88463e91def79fc3-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/
35 KB
35 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
5460030
etag
W/"6567ba7a-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
88463e91defc9fc3-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/
35 KB
35 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
4591887
etag
W/"6567ba7a-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
88463e91defa9fc3-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
hespress.com.js
pahter.tech/c/
8 KB
3 KB
Script
General
Full URL
https://pahter.tech/c/hespress.com.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:05 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3EZZJVYF3SYP078Y
age
3599
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2289
x-amz-id-2
8IEE/tzxyyoRSswOyp9jAjdiA/S3Lqyl/VeEicvi0+k89xNlZkOSmfqXJ6bAeRrt+QWZ/s8VZXA=
last-modified
Thu, 08 Feb 2024 12:06:52 GMT
server
cloudflare
etag
"3f02c9d26139d05930116dc637a9e68e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LiDd0mIMEfUAd90%2FvwHjvDtXDVOsH4SRbhRxG2dPOJ%2FNc3KMndRIkmSG7YIhjqjAAUhmIl27OttGUYtXJnW32JLz1QaT2qI2LZ4VxpW8KIz3ll2A0MJ%2FDUZx79OSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88463e8fddffb8e5-AMS
desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/
400 KB
59 KB
Stylesheet
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0033814a3a70b538596068ea93395fca5ef438b32bde093f59362e19e11dbaf4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:05 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 09 May 2024 22:47:45 GMT
server
cloudflare
age
513892
cf-polished
origSize=411961
etag
W/"663d5291-64939"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
88463e8fb9000c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
94 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef902d01198786f115c560a11be14792ba95063105c580db019bd40ea96f0535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30191
x-xss-protection
0
server
cafe
etag
980 / 19858 / m202405090101 / config-hash: 613278414346952080
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 May 2024 21:33:06 GMT
Sidi-Kacem.jpeg
i1.hespress.com/wp-content/uploads/2024/05/
69 KB
69 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/Sidi-Kacem.jpeg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db10768ae32ed70406458f1096af7a87073511a196155bb9e18bd2fc909e9df0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:05 GMT
cf-cache-status
HIT
age
1195
cf-polished
degrade=85, origSize=151593, status=webp_bigger
content-length
70309
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 23:12:41 GMT
server
cloudflare
etag
"66454169-25029"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e8fb9020c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
far-nato-1.jpg
i1.hespress.com/wp-content/uploads/2024/05/
86 KB
86 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/far-nato-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37398cd3a4e927f98877da240d0559066ef9aa22d41b1b0539a41710e25f4c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:05 GMT
cf-cache-status
HIT
age
5491
cf-polished
degrade=85, origSize=129197, status=webp_bigger
content-length
87751
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 14:12:55 GMT
server
cloudflare
etag
"6644c2e7-1f8ad"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e8fb9030c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/
20 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 09 May 2024 14:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6546
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 May 2025 14:43:03 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/
40 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 14 May 2024 14:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 May 2025 14:03:05 GMT
script.min.js
i1.hespress.com/wp-content/themes/hespressar/js/
210 KB
68 KB
Script
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.46
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a22966f8553cf803759c1a3d324a68339f11a9ce2aaefeff03f3f39c8fda3f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
513916
etag
W/"6626d023-34905"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
88463e90692d0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.80.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88463e927e2b0e94-AMS
gtm.js
www.googletagmanager.com/
244 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
216177173c4d125fd6d5dfc14113e073765b73e9f6ca10a2258e7d378c81f627
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89211
x-xss-protection
0
last-modified
Wed, 15 May 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 May 2024 21:33:06 GMT
sprite.svg
www.hespress.com/wp-content/themes/hespressar/
215 KB
54 KB
Other
General
Full URL
https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.46
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
100
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300
cf-ray
88463e90692f0c15-AMS
expires
Wed, 15 May 2024 21:38:05 GMT
projectagora.min.js
palibzh.tech/libs/
378 KB
106 KB
Script
General
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3516c9fa7d19635dc83451c0e06df9ff143f9b7ebe833acd38a588124ae53adb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
G1B0S3QJS4JCVVFN
age
356
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.24.5
alt-svc
h3=":443"; ma=86400
content-length
107691
x-amz-id-2
78PtzlOV7PRGFfcei6jPN+++kDFfFbjO8xVrutWgIL9SP7yYFOVsERwtHa0goYPbc/v64sUKzC0=
last-modified
Wed, 15 May 2024 11:26:16 GMT
server
cloudflare
etag
"0d4030870daf6b917deb131403756c8c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ccdri2WrnJ%2FlkPgO2pBBPcjcEF0%2BngHCC7gIJ97bphoFe9S3YQNkc1lBDH%2FL3PaeaOgm5%2FRaPsymWYV0ed28wWiDDZOPrAwP9mHMVPG33o1LdEJU1hWAXDocpIxcFM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88463e90ca7a0e34-AMS
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/
454 KB
142 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:31:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
114
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145002
x-xss-protection
0
server
cafe
etag
8410536799634492291
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 15 May 2025 21:31:12 GMT
sprite.svg
i1.hespress.com/wp-content/themes/hespressar/
215 KB
53 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.45
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
68
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
88463e9119640c15-AMS
expires
Wed, 15 May 2024 21:38:06 GMT
siel-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/
12 KB
13 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/img/siel-bg.jpg
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d729ea01cd990f0f397b81613378a9684a4f2289d3de9e6c1a5d01f4f8a0578a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
513864
cf-polished
qual=85, origFmt=jpeg, origSize=37731
content-disposition
inline; filename="siel-bg.webp"
content-length
12722
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 May 2024 22:47:45 GMT
server
cloudflare
etag
"663d5291-9363"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9119660c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/
3 KB
3 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
4426624
cf-polished
origFmt=png, origSize=4471
content-disposition
inline; filename="placeholder.webp"
content-length
3412
cf-bgj
imgq:85,h2pri
last-modified
Sat, 14 Nov 2020 22:53:56 GMT
server
cloudflare
etag
"5fb06004-1177"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9119680c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/
53 KB
53 KB
Font
General
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.46
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 06:25:03 GMT
server
cloudflare
age
5450669
etag
"5fcf1c3f-d360"
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91def59fc3-AMS
content-length
54112
expires
Thu, 31 Dec 2037 23:55:55 GMT
culture-2.jpg
i1.hespress.com/wp-content/uploads/2024/05/
67 KB
67 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/culture-2.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb292e585f2e88638edcc37879e3bf7d4d67943b3ee59c20601a95d4dc73a50

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
23840
cf-polished
qual=85, origFmt=jpeg, origSize=106005
content-disposition
inline; filename="culture-2.webp"
content-length
68810
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 16:11:47 GMT
server
cloudflare
etag
"6644dec3-19e15"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9159760c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
SIEL-Rabat-CNDH5.jpg
i1.hespress.com/wp-content/uploads/2024/05/
82 KB
82 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/SIEL-Rabat-CNDH5.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e88e485fb6876d807b8c7b36cb0699db3a5c27815f5e93a2596f4989041122

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
48651
cf-polished
degrade=85, origSize=105416, status=webp_bigger
content-length
83583
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 03:01:02 GMT
server
cloudflare
etag
"6644256e-19bc8"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9169770c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
siel-2024-mohamed-ramadan.jpg
i1.hespress.com/wp-content/uploads/2024/05/
88 KB
88 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/siel-2024-mohamed-ramadan.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ac036c126b8908ad37e317929a1735892443d8e1a9f1bb4514aca9b1b1b26b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
84398
cf-polished
degrade=85, origSize=156780, status=webp_bigger
content-length
89737
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 00:07:17 GMT
server
cloudflare
etag
"6643fcb5-2646c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91a98e0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
mohamed-ramadan.jpg
i1.hespress.com/wp-content/uploads/2024/05/
52 KB
52 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/mohamed-ramadan.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f3222551c39fa33f261a574fe7020ec4d4fd35c3b6d963f41201a2e704b27b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
96257
cf-polished
degrade=85, origSize=73060, status=webp_bigger
content-length
52834
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 May 2024 20:51:35 GMT
server
cloudflare
etag
"6643ced7-11d64"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91a9910c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
palestine-copy.jpg
i1.hespress.com/wp-content/uploads/2024/05/
64 KB
64 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/palestine-copy.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84046a7aed8adcb2094a2bd7211dcf66d083cbf84ea03c2214e25bc82e819756

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
101091
cf-polished
degrade=85, origSize=85420, status=webp_bigger
content-length
65258
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 May 2024 19:03:29 GMT
server
cloudflare
etag
"6643b581-14dac"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91c9950c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
SIEL-2024-PALESTINE-2.jpg
i1.hespress.com/wp-content/uploads/2024/05/
83 KB
83 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/SIEL-2024-PALESTINE-2.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bcb9c0baf62c18a86dd8e7c76fbbfa4012f416c972c10bb1925efd4b69ba4f4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
106069
cf-polished
degrade=85, origSize=107134, status=webp_bigger
content-length
84649
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 May 2024 19:19:53 GMT
server
cloudflare
etag
"664267d9-1a27e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91c9970c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
SNRT-SIEL-2024-1.jpg
i1.hespress.com/wp-content/uploads/2024/05/
71 KB
71 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/SNRT-SIEL-2024-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d68117f366744ea3938b3c3b34542a1b082231ca845e863a37bce4967f383562

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
63094
cf-polished
qual=85, origFmt=jpeg, origSize=132301
content-disposition
inline; filename="SNRT-SIEL-2024-1.webp"
content-length
72958
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 May 2024 13:10:51 GMT
server
cloudflare
etag
"664362db-204cd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91c9990c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
Mouna-Hachim.jpg
i1.hespress.com/wp-content/uploads/2024/05/
83 KB
84 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/Mouna-Hachim.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b93514574ac62b0eb05455a7828035bac022d211e36a6c7d4efa8998ff4008a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
124452
cf-polished
qual=85, origFmt=jpeg, origSize=145270
content-disposition
inline; filename="Mouna-Hachim.webp"
content-length
85296
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 May 2024 12:32:58 GMT
server
cloudflare
etag
"664359fa-23776"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e91c9980c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
lydec-1.jpg
i1.hespress.com/wp-content/uploads/2024/05/
112 KB
112 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/lydec-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d950723821e64520aa7d83a9f7560fd248880be4ea7a0ea02881d745646e85

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
3080
cf-polished
degrade=85, origSize=169884, status=webp_bigger
content-length
114502
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 22:18:53 GMT
server
cloudflare
etag
"664534cd-2979c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209aa0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
miaara.jpg
i1.hespress.com/wp-content/uploads/2024/05/
36 KB
36 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/miaara.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53afec1fbe77c1ee7f6001ff842b603111b0b0308044453145408432cabf9043

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
3131
cf-polished
qual=85, origFmt=jpeg, origSize=114290
content-disposition
inline; filename="miaara.webp"
content-length
36378
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 22:31:07 GMT
server
cloudflare
etag
"664537ab-1be72"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209ad0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
ada-1.jpg
i1.hespress.com/wp-content/uploads/2024/05/
25 KB
25 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/ada-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d3ba5f4dd5f47814cf03a4bf6bff8ea98966f2c3933e9d3f312859c54f951f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
14761
cf-polished
qual=85, origFmt=jpeg, origSize=87314
content-disposition
inline; filename="ada-1.webp"
content-length
25800
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 19:18:30 GMT
server
cloudflare
etag
"66450a86-15512"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209ae0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
habib-malki.jpg
i1.hespress.com/wp-content/uploads/2024/05/
84 KB
84 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/habib-malki.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d5a509b10c3a3defe9423beff65c707ab886a2e31943a2c307db703e8807781

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
15984
cf-polished
degrade=85, origSize=184183, status=webp_bigger
content-length
85682
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 18:49:09 GMT
server
cloudflare
etag
"664503a5-2cf77"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209af0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
gitex.jpg
i1.hespress.com/wp-content/uploads/2024/05/
32 KB
32 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/gitex.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0ccd2fe7997893cb7dc6ae51dc825ae4d54dd996172cf696ef306a8c86fce0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
20947
cf-polished
qual=85, origFmt=jpeg, origSize=96110
content-disposition
inline; filename="gitex.webp"
content-length
33014
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 17:45:46 GMT
server
cloudflare
etag
"6644f4ca-1776e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209b00c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
ugence-casablanca-eleves-3.jpg
i1.hespress.com/wp-content/uploads/2024/05/
73 KB
73 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/ugence-casablanca-eleves-3.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d869df4b4afa65ada5acd0d375711d201da090910418355eed16e39557679b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
26926
cf-polished
qual=85, origFmt=jpeg, origSize=120926
content-disposition
inline; filename="ugence-casablanca-eleves-3.webp"
content-length
74420
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 16:02:43 GMT
server
cloudflare
etag
"6644dca3-1d85e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209b10c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
sidi_benour.jpg
i1.hespress.com/wp-content/uploads/2024/05/
75 KB
76 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/sidi_benour.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69dc94622a9f9a88a62322e6b0cd394f0912a9b8d8c066e3fbbc2c454704645

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
31668
cf-polished
degrade=85, origSize=89195, status=webp_bigger
content-length
77268
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 14:37:25 GMT
server
cloudflare
etag
"6644c8a5-15c6b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209b20c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
touimi.jpg
i1.hespress.com/wp-content/uploads/2024/05/
54 KB
54 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/touimi.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e83c920caa6093c40ddf39c0fa60e0e9879045612c3ed76c57c82006810b4e5b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
32933
cf-polished
degrade=85, origSize=68818, status=webp_bigger
content-length
55562
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 14:27:38 GMT
server
cloudflare
etag
"6644c65a-10cd2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209b30c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
fz.jpg
i1.hespress.com/wp-content/uploads/2024/04/
52 KB
52 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/fz.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fadd1ab6c76d3e82a9f071cb8906252ab2411b95efc087b547ca7ccbf8238d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
599288
cf-polished
qual=85, origFmt=jpeg, origSize=280112
content-disposition
inline; filename="fz.webp"
content-length
53504
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Apr 2024 18:05:03 GMT
server
cloudflare
etag
"66200f4f-44630"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209b40c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
youabed.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/05/
7 KB
7 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/05/youabed.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc6d7b507401a1b9a4dc809f744e1339988b3a2728780861ddaf9008ace39bd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
54135
cf-polished
qual=85, origFmt=jpeg, origSize=12624
content-disposition
inline; filename="youabed.webp"
content-length
6846
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 20:00:44 GMT
server
cloudflare
etag
"66411fec-3150"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9209b50c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
miraoui-1.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/05/
9 KB
9 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/05/miraoui-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b44166e09c222aa0a9caf499c24a557ee9d7667cfbe70bdc6d2b0754003b49

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
127915
cf-polished
qual=85, origFmt=jpeg, origSize=15795
content-disposition
inline; filename="miraoui-1.webp"
content-length
9554
cf-bgj
imgq:85,h2pri
last-modified
Sun, 12 May 2024 20:03:57 GMT
server
cloudflare
etag
"664120ad-3db3"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9219b60c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
rayan-stock-city.jpg
i1.hespress.com/wp-content/uploads/2024/05/
49 KB
49 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/rayan-stock-city.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c463ca39b4982a4775bd1eecc22fac90a06bac248f87103989d921bc053ff0c9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
27004
cf-polished
qual=85, origFmt=jpeg, origSize=92091
content-disposition
inline; filename="rayan-stock-city.webp"
content-length
50116
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 15:08:44 GMT
server
cloudflare
etag
"6644cffc-167bb"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9219b70c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
coupe-arabe-1.jpg
i1.hespress.com/wp-content/uploads/2023/09/
56 KB
56 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2023/09/coupe-arabe-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cef97eaf95d0482c32e85e996d700568c6d87b38db14bc6fc5f52434b562bf9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
37213
cf-polished
qual=85, origFmt=jpeg, origSize=94541
content-disposition
inline; filename="coupe-arabe-1.webp"
content-length
57076
cf-bgj
imgq:85,h2pri
last-modified
Sat, 30 Sep 2023 22:27:01 GMT
server
cloudflare
etag
"6518a0b5-1714d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9219b80c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
wada-1.jpg
i1.hespress.com/wp-content/uploads/2024/05/
23 KB
23 KB
Image
General
Full URL
https://i1.hespress.com/wp-content/uploads/2024/05/wada-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f6904f61649ea67f52deee6eaa09357c5306264320158cc2f3b8e1ecca071c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
cf-cache-status
HIT
age
39212
cf-polished
qual=85, origFmt=jpeg, origSize=60602
content-disposition
inline; filename="wada-1.webp"
content-length
23624
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 May 2024 10:00:59 GMT
server
cloudflare
etag
"664487db-ecba"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
88463e9219b90c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
pagead2.googlesyndication.com/gampad/
35 KB
14 KB
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2015764763572606&correlator=2232202847879268&eid=44809527%2C31083344%2C31083648%2C95332898%2C31082138&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=1&didk=2462911251&sfv=1-0-40&sc=1&abxe=1&dt=1715808786220&lmt=1715808763&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&ga_vid=1223184559.1715808786&ga_sid=1715808786&ga_hid=1172023716&ga_fc=false&dlt=1715808785863&idt=327&adks=337753859&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
8d92d4ae0f5b4254e85a43b4b335192624030c9fde53cf61a95957d2feadbcf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13925
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1792
0
0
Document
General
Full URL
https://da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 21:33:06 GMT
expires
Thu, 15 May 2025 21:33:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/
514 B
239 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2015764763572606&correlator=2232202847879268&eid=44809527%2C31083344%2C31083648%2C95332898%2C31082138&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&didk=525783152&sfv=1-0-40&sc=1&abxe=1&dt=1715808786227&lmt=1715808763&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6887&msz=1x-1&fws=0&ohw=0&ga_vid=1223184559.1715808786&ga_sid=1715808786&ga_hid=1172023716&ga_fc=false&dlt=1715808785863&idt=327&adks=432670791&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
77736bf84cb90323ca766ec3394a624a07daf795aa05fd2c158c9ee363e9fa29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/
526 B
249 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=2015764763572606&correlator=2232202847879268&eid=44809527%2C31083344%2C31083648%2C95332898%2C31082138&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=3&didk=1711791774&sfv=1-0-40&sc=1&abxe=1&dt=1715808786229&lmt=1715808763&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjAxIixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwMSJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&ga_vid=1223184559.1715808786&ga_sid=1715808786&ga_hid=1172023716&ga_fc=false&dlt=1715808785863&idt=327&adks=4098979368&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
883356f277a204b278e9317dfb23c498b0a0f5d25ddc4c6f9de6a1a425ef231c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
220
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.hespress.com/
111 KB
8 KB
XHR
General
Full URL
https://www.hespress.com/?weather_and_prayer
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
444b0153ddb96590ae334a9502c0d6670ce45d6b43fb0cf2cbab0ca2c1303ebc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.hespress.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
x-nginx-cache
HIT NL
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.13
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88463e92d9e60c15-AMS
js
www.googletagmanager.com/gtag/
296 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
93f4211dc2b0e8b0996106a28b8480e64424662e6832765f5fb9889a9b5023a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102052
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 21:33:06 GMT
destination
www.googletagmanager.com/gtag/
355 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-338591081&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5952ad6a1b969e9159c0ed6c741cffdf09b6fefe2308c7aaa70b5a9b2b4a619c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118798
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 21:33:06 GMT
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 15 May 2024 21:33:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1314, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
mPW/T3PGLJO+zrYCvyI/tqpP+htsK+CVb0cRR2KyZ6JPVRmQRM6u2kwKrq+pr3LUgzKibeicnggT6JMLcPLmuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
246 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je45d0v869673765z878625843za200&_p=1715808785976&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1223184559.1715808786&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715808786&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_ss=2&tfd=1534
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 21:33:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=1223184559.1715808786&gtm=45je45d0v869673765z878625843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.173.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wi-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 21:33:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=1223184559.1715808786&gtm=45je45d0v869673765z878625843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=111338528
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 21:33:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD42
0
0
Document
General
Full URL
https://da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 21:33:06 GMT
expires
Thu, 15 May 2025 21:33:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/
355 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-KT9208VCT6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fecc48d282a6f2722ae7f0510c3cb3bb542afef90ad7c7bb77f7ec8b7003cd7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118802
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 21:33:06 GMT
447079109144639
connect.facebook.net/signals/config/
65 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/447079109144639?v=2.9.156&r=stable&domain=www.hespress.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
051188cb8276330d4c0dc94dc0cb8f47fa4bf09cc9b9b63e3377accc6eab228e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 15 May 2024 21:33:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13576
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=63, mss=1314, tbw=63300, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
3jz+Zdk8EOxLoaBzQ/RcwNdo0BtXwp6kaaGam2ZMED2abH1PKJahVHFebRfYpTnV4gQlImSljWu1Jk2YIRNn8w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1715808786877&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1715808786876.1990668748&cs_est=true&ler=empty&cdl=API_unavailable&it=1715808786844&coo=false&rqm=GET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1314, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 15 May 2024 21:33:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
879c44c9c68e51ea245eb9e71c0f5bcde663128065facd56fdc0de2dc0fbc957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12294
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
153 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
cd2b8045245611e97c01484bf7f2ccaa1b6ca5e4f4830736e179b6ebeb2665e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52387
x-xss-protection
0
server
cafe
etag
17304740090521330012
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 15 May 2024 21:33:07 GMT
rum
www.hespress.com/cdn-cgi/
0
214 B
XHR
General
Full URL
https://www.hespress.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 15 May 2024 21:33:07 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.hespress.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88463e9a0cd60c15-AMS
favicon.ico
i1.hespress.com/wp-content/themes/hespressar/icons/
868 B
989 B
Other
General
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.196 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 11:19:45 GMT
server
cloudflare
age
5455851
etag
W/"5fa925d1-364"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
88463e9a1cdd0c15-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 May 2024 21:33:07 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/
416 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true&bust=31083689
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
44ee891dae444297fcd37bcd0bc66d5c21b4212de58906fa27cc2866977c9f80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143648
x-xss-protection
0
server
cafe
etag
2729506899989287180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 May 2024 21:33:07 GMT
ca-pub-9809098668305457
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?href=https%3A%2F%2Fwww.hespress.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true&bust=31083689
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
eae664a68d8b8426df0f406f0121ab0aef673cf0e0b53bcd494cf0c4f3addb63
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZbuMFidorXbqT45MAiLNdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZbuMFidorXbqT45MAiLNdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7FfZP0HxELcHFOuTNnEJrDi0o5MJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxMDU0MTPQOD-AIDAEvWQxg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B414
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
16180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 17:03:27 GMT
expires
Thu, 15 May 2025 17:03:27 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUMV8dWfukp9cxBsxsUCHdIhCoPfLj5OBDUsVkXsFIq8pPRsaooAEqluQ0bnWTF1aTvpB6FVYL0ichvTBt0TklI10YjU6zmLY5qQcrMcM3r1BIShLhlRtSDVlTuDJqBQcEJWoh1
fundingchoicesmessages.google.com/f/
423 KB
62 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUMV8dWfukp9cxBsxsUCHdIhCoPfLj5OBDUsVkXsFIq8pPRsaooAEqluQ0bnWTF1aTvpB6FVYL0ichvTBt0TklI10YjU6zmLY5qQcrMcM3r1BIShLhlRtSDVlTuDJqBQcEJWoh1?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1ODA4Nzg4LDI5NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyIsbnVsbCxbWzgsIlBuRFhkWmJqN3A0Il0sWzksIm5sIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMwF1QLlldHWKA2eU2SfDK_k3jCBDw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
c4a22a8d6b98bcc3363fd51600895d1927376372f50588fb1b1e644799d87879
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Oy_zM7oZG5-vfBfPDvs7DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 21:33:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Oy_zM7oZG5-vfBfPDvs7DQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw0ZBiOO90h-k6EBtoPGeyAGKJry-ZNIA45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUCc9O88axEQ71x8gfUgEK86coF1ExC3f77AOh2Iv7FfZP0HxEI8HFOuTNnEJvBh1oVVjEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmBqaGJnoGBvEFBgCLBUN1"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
109 KB
6 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.PnDXdZbj7p4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMy5lgPGIBsMb6A8CYD0qKNK6i9OTw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f10.1e100.net
Software
ESF /
Resource Hash
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 May 2024 21:33:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 May 2024 21:33:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 May 2024 21:33:08 GMT
uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/
6 KB
6 KB
Image
General
Full URL
https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f1.1e100.net
Software
fife /
Resource Hash
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 19:35:44 GMT
x-content-type-options
nosniff
age
7044
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5847
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 16 May 2024 19:35:44 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
427632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/
125 KB
126 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 13 May 2024 19:45:43 GMT
x-content-type-options
nosniff
age
179245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 May 2025 19:45:43 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
427632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 22:45:56 GMT
AGSKWxXT42v-KPcAs4BT2NHyo4iSWoCP8jksfIVVkRIRDr5NbuDKWWVhrXCH0NjpktUjBfwPVW6XOkvBAf998D4SnWRAwnQtjUOlBkxgOPuAkb5YSi2Js2KjvNE8akNbHrZ-SeEtFeAw
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXT42v-KPcAs4BT2NHyo4iSWoCP8jksfIVVkRIRDr5NbuDKWWVhrXCH0NjpktUjBfwPVW6XOkvBAf998D4SnWRAwnQtjUOlBkxgOPuAkb5YSi2Js2KjvNE8akNbHrZ-SeEtFeAw
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMwF1QLlldHWKA2eU2SfDK_k3jCBDw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ACFG5j6Y_BMy4jrcte_oVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 21:33:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ACFG5j6Y_BMy4jrcte_oVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0ZBicEqfwRoCxEI8HFOuTNnEJnDiUeMvRiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKJnYBpfYAAAw5siug"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXT42v-KPcAs4BT2NHyo4iSWoCP8jksfIVVkRIRDr5NbuDKWWVhrXCH0NjpktUjBfwPVW6XOkvBAf998D4SnWRAwnQtjUOlBkxgOPuAkb5YSi2Js2KjvNE8akNbHrZ-SeEtFeAw
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXT42v-KPcAs4BT2NHyo4iSWoCP8jksfIVVkRIRDr5NbuDKWWVhrXCH0NjpktUjBfwPVW6XOkvBAf998D4SnWRAwnQtjUOlBkxgOPuAkb5YSi2Js2KjvNE8akNbHrZ-SeEtFeAw
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.PnDXdZbj7p4.es5.O/am=BgM/d=1/rs=AJlcJMwF1QLlldHWKA2eU2SfDK_k3jCBDw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MI9OjzVlzlOpzE4Q_ANeoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 15 May 2024 21:33:08 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MI9OjzVlzlOpzE4Q_ANeoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1ZBicEqfwRoCxEI8HFOuTNnEJvDjz7cfjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDU0ETPwDS-wAAA_VwjgA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

collect
region1.analytics.google.com/g/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=2015764763572606&bg=!rq2lreLNAAbZcyKb-XM7ADQBe5WfOAXCjsnkLkJuCQP8SibnwX1XN5uRDFz0yo6jGuM1egpy99aLQi6unZThFYbQl_uqAgAAAERSAAAAAmgBB34ANYOqmSKdvp0m3j3s0DRnWGM-dcRsLXa1NCt4xu18_-WSqFgm--E2Lhh4jd1FwyorMn4a_K_HmQKTBJUyGf50W1sCMTmA6xVVssXiKATgk5sxmNQN_Cb_4lt-xHcvH3zdNxQA2sb2ga9BTMzsBt5ysGImHcnUeP9jSdHeyl0iWShQGommpoUIx5-vfwSaSc4tugWHvmPgCHeSKc_jZCJ5slQR8CprVlYvhxugaTdjgXCruJnp6jdWRGlz6RO_fAXQhY-b8MWOZ1s0K86fZpy_BFWpdk8ZY20khbSUqnqoq7Xy3V_oE5or3n9MTvnw7ZnnwRV3NT2j1nAgGakUZ--yFvxtCikcTlXi8uk0qfFFkru1eFoVy2OoES4m2trgJkBzmqkNF1m8IEUqguMFTk11KXt-8wrI7ZozRxkb9jr9T8GV10atNHyhohp0BRxmD5cyul7A0iNhG_6UrQPEORnNyx41HXOGNdcJno2FUkbYXWUlcThiLpqF1e8CudH8wV-NSSOxhOgC6Dci1HIXIAMWVdqQxwTQTg54ZoEXd7v1Zh4LuGQMg-ylISJXsCnoV6kRhN2s-U5yoV8DVsPxOLfc71HuAB4D54aRmdk1pDNth-91jj26uptAxVXfPLzmyQxWpgSRicGwNB7qCgbcRtay4CTgl6HMC7aag9M1zbtaUjWAVCYOIs8lr0j0c4x8Sw2QQAJ52JS3dyV7ttdAvJiYjil0jmMzqB0xK0Y2mlYluXH_RSQpjwqY7HDnhudIaxucVz6RJMqvqroMoTfXnVJ2pikYFovPgSW292lLRAXtDzjyfX1ekx1ycGlkWthLbu4nqakbJ3KbXE06YGOv-HGfKaEJ0IRoMfXggZn6LGytsZYcAfmmuORR2z-0U2O8cDOKllyoNF7nd9DCS-fF1DCmjPQ7xLFjbty4sX21EZ_5kQVDOjiEnNWFtnYswRQ
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je45d0v869673765z8886100022za200&_p=1715808785976&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1223184559.1715808786&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1715808786&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=ad_impression&ep.query_id=CKKg3unNkIYDFb8uVQgdnjIK_Q&_et=209&tfd=6745

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| refreshAds object| googletag object| dataLayer object| TWAGORAINARTICLE object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing number| google_unique_id object| gaGlobal object| firebase object| config function| downloadAdsenseAtOnload object| notificationApp string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| __cfBeacon function| iFrameResize object| ProjectAgora object| google_tag_manager function| fbq function| _fbq function| onYouTubeIframeAPIReady object| GoogleGcLKhOms number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjMwNTFjMGNmN2I5NGU4bG9hZGVyX2pz string| MjMwNTFjMGNmN2I5NGU4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

8 Cookies

Domain/Path Name / Value
.aethevents.org/ Name: GOOGLE_ADS_IDENTIFIER
Value: 9ONzqqHepfLXhAwW38FAMF/xV6x7OM1D6Dlt/WqOjAzjNtFgGkuSouEZRrQ4ESp2PAYH6uPnwvhOqLuIxhyHA6g49j0rSOQB
.hespress.com/ Name: _gcl_au
Value: 1.1.1500888634.1715808786
.hespress.com/ Name: _ga
Value: GA1.1.1223184559.1715808786
.hespress.com/ Name: _ga_P97QV0GBGK
Value: GS1.1.1715808786.1.0.1715808786.60.0.0
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%221D39F5CE-910C-40BB-8C48-5ED26E09D6C0%22%7D
.hespress.com/ Name: _fbp
Value: fb.1.1715808786876.1990668748
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%221D39F5CE-910C-40BB-8C48-5ED26E09D6C0%22%7D
.hespress.com/ Name: __eoi
Value: ID=c5f0d2ec34bf43f9:T=1715808786:RT=1715808786:S=AA-AfjbWZEHi5jolZ5ae9_ZZGJGp

8 Console Messages

Source Level URL
Text
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/447079109144639?v=2.9.156&r=stable&domain=www.hespress.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.hespress.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aethevents.org
apyether.com
apyindustries.com
connect.facebook.net
da2ead3f52a1dc7825bf9af8cc57531e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
hespress.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
pagead2.googlesyndication.com
region1.analytics.google.com
104.16.80.73
104.18.23.196
142.250.181.227
142.250.181.232
142.250.184.193
142.250.185.130
142.250.185.161
142.250.185.174
142.250.186.35
142.251.173.157
157.240.252.13
157.240.252.35
172.217.23.99
172.67.138.21
172.67.164.162
172.67.181.58
188.114.96.3
188.114.97.3
216.239.34.36
216.58.206.34
216.58.206.42
216.58.206.65
0033814a3a70b538596068ea93395fca5ef438b32bde093f59362e19e11dbaf4
051188cb8276330d4c0dc94dc0cb8f47fa4bf09cc9b9b63e3377accc6eab228e
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
09d3ba5f4dd5f47814cf03a4bf6bff8ea98966f2c3933e9d3f312859c54f951f
11d950723821e64520aa7d83a9f7560fd248880be4ea7a0ea02881d745646e85
17178deeeb1c0c6a7094aeebffbc414fbdcd2e1a5d0be3d6799a247d77c93c97
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
216177173c4d125fd6d5dfc14113e073765b73e9f6ca10a2258e7d378c81f627
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
2d5a509b10c3a3defe9423beff65c707ab886a2e31943a2c307db703e8807781
2e0ccd2fe7997893cb7dc6ae51dc825ae4d54dd996172cf696ef306a8c86fce0
3516c9fa7d19635dc83451c0e06df9ff143f9b7ebe833acd38a588124ae53adb
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
444b0153ddb96590ae334a9502c0d6670ce45d6b43fb0cf2cbab0ca2c1303ebc
44ee891dae444297fcd37bcd0bc66d5c21b4212de58906fa27cc2866977c9f80
4bcb9c0baf62c18a86dd8e7c76fbbfa4012f416c972c10bb1925efd4b69ba4f4
53afec1fbe77c1ee7f6001ff842b603111b0b0308044453145408432cabf9043
57f6904f61649ea67f52deee6eaa09357c5306264320158cc2f3b8e1ecca071c
5952ad6a1b969e9159c0ed6c741cffdf09b6fefe2308c7aaa70b5a9b2b4a619c
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66b44166e09c222aa0a9caf499c24a557ee9d7667cfbe70bdc6d2b0754003b49
6b7dfb79b63e4202eaad4d930a87c85325776c5b800a672363283ad3dc73af1c
6b93514574ac62b0eb05455a7828035bac022d211e36a6c7d4efa8998ff4008a
77736bf84cb90323ca766ec3394a624a07daf795aa05fd2c158c9ee363e9fa29
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84046a7aed8adcb2094a2bd7211dcf66d083cbf84ea03c2214e25bc82e819756
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
879c44c9c68e51ea245eb9e71c0f5bcde663128065facd56fdc0de2dc0fbc957
87d869df4b4afa65ada5acd0d375711d201da090910418355eed16e39557679b
883356f277a204b278e9317dfb23c498b0a0f5d25ddc4c6f9de6a1a425ef231c
89e88e485fb6876d807b8c7b36cb0699db3a5c27815f5e93a2596f4989041122
8d92d4ae0f5b4254e85a43b4b335192624030c9fde53cf61a95957d2feadbcf4
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
93f4211dc2b0e8b0996106a28b8480e64424662e6832765f5fb9889a9b5023a3
9cef97eaf95d0482c32e85e996d700568c6d87b38db14bc6fc5f52434b562bf9
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
c1fadd1ab6c76d3e82a9f071cb8906252ab2411b95efc087b547ca7ccbf8238d
c463ca39b4982a4775bd1eecc22fac90a06bac248f87103989d921bc053ff0c9
c4a22a8d6b98bcc3363fd51600895d1927376372f50588fb1b1e644799d87879
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
cd2b8045245611e97c01484bf7f2ccaa1b6ca5e4f4830736e179b6ebeb2665e8
cfc6d7b507401a1b9a4dc809f744e1339988b3a2728780861ddaf9008ace39bd
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d3ac036c126b8908ad37e317929a1735892443d8e1a9f1bb4514aca9b1b1b26b
d68117f366744ea3938b3c3b34542a1b082231ca845e863a37bce4967f383562
d729ea01cd990f0f397b81613378a9684a4f2289d3de9e6c1a5d01f4f8a0578a
db10768ae32ed70406458f1096af7a87073511a196155bb9e18bd2fc909e9df0
e37398cd3a4e927f98877da240d0559066ef9aa22d41b1b0539a41710e25f4c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a22966f8553cf803759c1a3d324a68339f11a9ce2aaefeff03f3f39c8fda3f
e6f3222551c39fa33f261a574fe7020ec4d4fd35c3b6d963f41201a2e704b27b
e83c920caa6093c40ddf39c0fa60e0e9879045612c3ed76c57c82006810b4e5b
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
eae664a68d8b8426df0f406f0121ab0aef673cf0e0b53bcd494cf0c4f3addb63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef902d01198786f115c560a11be14792ba95063105c580db019bd40ea96f0535
f69dc94622a9f9a88a62322e6b0cd394f0912a9b8d8c066e3fbbc2c454704645
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
fecc48d282a6f2722ae7f0510c3cb3bb542afef90ad7c7bb77f7ec8b7003cd7b
ffb292e585f2e88638edcc37879e3bf7d4d67943b3ee59c20601a95d4dc73a50