urlscan.io logo urlscan.io
SecurityTrails logo

www.hespress.com Open in urlscan Pro
2606:4700::6812:16c4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hespress.com/
Effective URL: https://www.hespress.com/
Submission: On April 24 via manual from MA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 15 domains to perform 84 HTTP transactions. The main IP is 2606:4700::6812:16c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hespress.com. The Cisco Umbrella rank of the primary domain is 576930.
TLS certificate: Issued by E1 on April 7th 2024. Valid for: 3 months.
This is the only time www.hespress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.67.181.58 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.67.138.21 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
9 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.46 15169 (GOOGLE)
84 23
34    2606:4700::6812:16c4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hespress.com
i1.hespress.com
4    2606:4700::6812:17c4 (United States)

ASN13335 (CLOUDFLARENET, US)
i1.hespress.com
1    172.67.181.58 (United States)

ASN13335 (CLOUDFLARENET, US)
pahter.tech
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.67.138.21 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.de
1    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
1    216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
38 hespress.com
www.hespress.com — Cisco Umbrella Rank: 576930
i1.hespress.com — Cisco Umbrella Rank: 457808
2 MB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
241 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
224 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 416
104 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 660
123 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
267 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
171 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
7 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 45
6 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
274 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7278
63 B
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 62439
106 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
1 pahter.tech
pahter.tech — Cisco Umbrella Rank: 519853
3 KB
84 15
Domain Requested by
34 i1.hespress.com www.hespress.com
i1.hespress.com
9 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.hespress.com
pagead2.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 www.hespress.com www.hespress.com
i1.hespress.com
static.cloudflareinsights.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.hespress.com
3 www.googletagmanager.com www.hespress.com
www.googletagmanager.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 connect.facebook.net www.hespress.com
connect.facebook.net
2 www.gstatic.com www.hespress.com
2 securepubads.g.doubleclick.net www.hespress.com
securepubads.g.doubleclick.net
1 lh3.googleusercontent.com
1 www.facebook.com www.hespress.com
1 www.google.de www.hespress.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 palibzh.tech pahter.tech
1 static.cloudflareinsights.com www.hespress.com
1 pahter.tech www.hespress.com
84 21
Subject Issuer Validity Valid
hespress.com
E1		 2024-04-07 -
2024-07-06		 3 months crt.sh
pahter.tech
GTS CA 1P5		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
palibzh.tech
GTS CA 1P5		 2024-04-10 -
2024-07-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-02 -
2024-05-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.hespress.com/
Frame ID: EE418EEF834E2841584F4A195B5CC794
Requests: 70 HTTP requests in this frame

Frame: https://8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 80C4D1054D634B3F33E04895C0346F2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9621A3B12DD8D9D9834C9701D323BBB0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012404151833000/amp4ads-v0.mjs
Frame ID: 9356DE57398C6A5162AE75564711BB65
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hespress - هسبريس جريدة إلكترونية مغربية

Page URL History Show full URLs

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

84
Requests

98 %
HTTPS

77 %
IPv6

15
Domains

21
Subdomains

23
IPs

3
Countries

3010 kB
Transfer

6862 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hespress.com/ HTTP 307
    https://www.hespress.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hespress.com/
Redirect Chain
  • http://www.hespress.com/
  • https://www.hespress.com/
244 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
d0e53c1e21636179b4f324196818888ebcbcbac5e251f603e7dec35b06e7f0d7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
60
cf-cache-status
HIT
cf-ray
879982ee7dd73804-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Apr 2024 22:25:49 GMT
last-modified
Wed, 24 Apr 2024 22:24:49 GMT
server
cloudflare
vary
Accept-Encoding
x-nginx-cache
HIT DE
x-powered-by
PHP/7.4.13

Redirect headers

Location
https://www.hespress.com/
Non-Authoritative-Reason
HttpsUpgrades
Hespress-Medium.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Medium.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
3644714
etag
W/"6567ba7a-89c8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
879982ef4a689064-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-SemiBold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-SemiBold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
3649349
etag
W/"6567ba7a-8bd4"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
879982ef4a679064-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Hespress-Bold.woff
i1.hespress.com/wp-content/themes/hespress/fonts/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/Hespress-Bold.woff
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Nov 2023 22:26:02 GMT
server
cloudflare
age
3644714
etag
W/"6567ba7a-8cc8"
vary
Accept-Encoding
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
879982ef4a669064-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hespress.com.js
pahter.tech/c/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahter.tech/c/hespress.com.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CRD5KQB1DRC6RAQ7
age
4957
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2289
x-amz-id-2
AOFc8khIUXoed/n9FnfnAAUygKBKhS16FTHM8gYGdU6yyvhCNJVF8oR8l+IBK24Fh1NocXD10NY=
last-modified
Thu, 08 Feb 2024 12:06:52 GMT
server
cloudflare
etag
"3f02c9d26139d05930116dc637a9e68e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0bOgfoeKbHzATCpyv%2F5C4ON87s5QVP2fmBoFMmLX5NgdKQSHXgS%2BwTA6%2F%2FaKSP37hOWlKoPLKmHxL6aWPqhgSUn1cbgmq3UvFRU7mipwyRY%2BqmEJwI5QirWDQ1vmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879982ef2d8a4d5e-FRA
desktop.css
i1.hespress.com/wp-content/themes/hespressar/css/ 		400 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e8bf73203dc15da72b661e3eb0d9016bdc6ef57dda7ce5f1605d2734d0f532e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
177860
cf-polished
origSize=411805
etag
W/"6626d023-6489d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
cf-ray
879982eeee443804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8967b7001746faad867c762395286dc46dcd6ec675fe5fec13beea0e7285a13f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29873
x-xss-protection
0
server
cafe
etag
812 / 19837 / m202404180101 / config-hash: 9301319534479615066
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Apr 2024 22:25:50 GMT
parlement-akhannouch-aziz.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/parlement-akhannouch-aziz.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d0809f390b63756f51992086225189efd205a95dda208c0dd839a8fd95d5f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
cf-cache-status
HIT
age
1452
cf-polished
degrade=85, origSize=113586, status=webp_bigger
content-length
92874
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 23:54:09 GMT
server
cloudflare
etag
"66299ba1-1bbb2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982eeee463804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
cimetiere-pollution.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/cimetiere-pollution.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25fcefbd07fcf43a381610564b69758bd6e6c844d0c6f7b2ee6c5d7310154f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:49 GMT
cf-cache-status
HIT
age
4899
cf-polished
degrade=85, origSize=144473, status=webp_bigger
content-length
143640
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 22:53:12 GMT
server
cloudflare
etag
"66298d58-23459"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982eeee473804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.2.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-app.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 14:42:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
546204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6546
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:19 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 14:42:26 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.2.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.2.0/firebase-messaging.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 00:25:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10840
x-xss-protection
0
last-modified
Fri, 11 Dec 2020 17:24:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 20 Apr 2025 00:25:35 GMT
script.min.js
i1.hespress.com/wp-content/themes/hespressar/js/ 		210 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.45
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a22966f8553cf803759c1a3d324a68339f11a9ce2aaefeff03f3f39c8fda3f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
177860
etag
W/"6626d023-34905"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
879982efaecc3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
879982f00bb12be9-FRA
gtm.js
www.googletagmanager.com/ 		232 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
645a02525da989b87ed9b20c6a8b96203f5ae04c36edf1870042e9c7bc708497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85194
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 22:25:50 GMT
sprite.svg
www.hespress.com/wp-content/themes/hespressar/ 		215 KB
53 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/wp-content/themes/hespressar/sprite.svg?6.45
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300
cf-ray
879982efaece3804-FRA
expires
Wed, 24 Apr 2024 22:30:50 GMT
projectagora.min.js
palibzh.tech/libs/ 		378 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahter.tech
URL: https://pahter.tech/c/hespress.com.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.138.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dcf279d9a554d4e7c507724e2abd39d2b172cf720bd1b368354838a73d9852a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SEZ4E05774R4MKDP
age
3921
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.24.2
alt-svc
h3=":443"; ma=86400
content-length
107573
x-amz-id-2
x0bEbsnLGR16R51wZh0jsN5viT1lLtkfOqQezgsvMcSIcA4Ai/K9VepYiHPbLRKXKtuIrlJEQEg=
last-modified
Wed, 24 Apr 2024 09:19:04 GMT
server
cloudflare
etag
"2b1c9bff26b8a392a97f6f18f6dce9d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CI05TLEXiNye8Q2ivYcYVKkbdQfsRejBZISBo5cGdfxY9NAY8S8UChxBwX%2BO853OShXV194J%2FyOJwAJRmDU2%2F39uVBjVdy3alF7h4f%2BXdvlpDjYxl87%2BXiGAdSyLJss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
879982f01a6892a7-FRA
sprite.svg
i1.hespress.com/wp-content/themes/hespressar/ 		215 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/sprite.svg?6.45
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
age
90
etag
W/"6626d023-35dcc"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
879982efceeb3804-FRA
expires
Wed, 24 Apr 2024 22:30:50 GMT
siam-bg.jpg
i1.hespress.com/wp-content/themes/hespress/img/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespress/img/siam-bg.jpg
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
891f2635dd85b8f10533f27a0ac001d327dbc8cf675fdaa5857656edc4cf9c91

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
3266
cf-polished
qual=85, origFmt=jpeg, origSize=24474
content-disposition
inline; filename="siam-bg.webp"
content-length
11696
cf-bgj
imgq:85,h2pri
last-modified
Mon, 22 Apr 2024 21:01:23 GMT
server
cloudflare
etag
"6626d023-5f9a"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efceec3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder.png
i1.hespress.com/wp-content/themes/hespressar/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/img/placeholder.png
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
608142
cf-polished
origFmt=png, origSize=4471
content-disposition
inline; filename="placeholder.webp"
content-length
3412
cf-bgj
imgq:85,h2pri
last-modified
Sat, 14 Nov 2020 22:53:56 GMT
server
cloudflare
etag
"5fb06004-1177"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efceed3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
weathericons-regular.otf
i1.hespress.com/wp-content/themes/hespress/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespress/fonts/weathericons-regular.otf
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:17c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://i1.hespress.com/wp-content/themes/hespressar/css/desktop.css?ver=6.45
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Dec 2020 06:25:03 GMT
server
cloudflare
age
3639842
etag
"5fcf1c3f-d360"
vary
Accept-Encoding
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efeaaa9064-FRA
content-length
54112
expires
Thu, 31 Dec 2037 23:55:55 GMT
cannabis-siam.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/cannabis-siam.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67eae977dfd735cd6115cf887330a651186fddd24374d8dc0ad8bb4d3bb7df2d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
9207
cf-polished
qual=85, origFmt=jpeg, origSize=74041
content-disposition
inline; filename="cannabis-siam.webp"
content-length
34806
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 18:42:35 GMT
server
cloudflare
etag
"6629529b-12139"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efef0c3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ADA-1.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/ADA-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5771250d86d1a42b7a139f5fa12b1f90dcf7377491d40b47f9fc07413c90ddb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
5537
cf-polished
qual=85, origFmt=jpeg, origSize=77784
content-disposition
inline; filename="ADA-1.webp"
content-length
42208
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 20:38:30 GMT
server
cloudflare
etag
"66296dc6-12fd8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efef0e3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
um6p.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/um6p.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae06cf0e7b2dd7e9a52608bf81dcf7679267d5a07b73634d3d9ceb22faf3b8c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
21580
cf-polished
qual=85, origFmt=jpeg, origSize=64082
content-disposition
inline; filename="um6p.webp"
content-length
51282
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 16:26:46 GMT
server
cloudflare
etag
"662932c6-fa52"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efef0f3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
biopharma.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/biopharma.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba83384cdabc58cc3e499776585707f74b62189f7e54502a997dca1fb2617933

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
29247
cf-polished
degrade=85, origSize=62701, status=webp_bigger
content-length
50134
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 15:51:25 GMT
server
cloudflare
etag
"66292a7d-f4ed"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efef103804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
siam-central-danoune.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/siam-central-danoune.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99588fba588fd2750956dba5c6e451cffddc89d9628caeee30672f5d139174f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
29551
cf-polished
qual=85, origFmt=jpeg, origSize=143247
content-disposition
inline; filename="siam-central-danoune.webp"
content-length
68578
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 15:07:48 GMT
server
cloudflare
etag
"66292044-22f8f"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff153804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
copac.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/copac.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c2234d9a049a921c0543bfb1ea4bc1dfa3b14fbd62c6c23d1b25ba02116bc5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
32218
cf-polished
degrade=85, origSize=41346, status=webp_bigger
content-length
31665
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 15:05:12 GMT
server
cloudflare
etag
"66291fa8-a182"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff163804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
onssa.jpg
i1.hespress.com/wp-content/uploads/2024/02/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/02/onssa.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9c314325cb2687cf946af761b7603006696722296df95c89f8772b13e6a093a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
32872
cf-polished
qual=85, origFmt=jpeg, origSize=88842
content-disposition
inline; filename="onssa.webp"
content-length
46638
cf-bgj
imgq:85,h2pri
last-modified
Wed, 07 Feb 2024 12:12:45 GMT
server
cloudflare
etag
"65c373bd-15b0a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff173804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
atlas_platform.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/atlas_platform.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53e9e9f48959d9024706b99327538430cebd91cc9c6390cbb10fd55e24722c62

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
5751
cf-polished
qual=85, origFmt=jpeg, origSize=25242
content-disposition
inline; filename="atlas_platform.webp"
content-length
12748
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 13:44:58 GMT
server
cloudflare
etag
"66290cda-629a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff183804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
afilal.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/afilal.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0388be3d9310493c9bc460961c10069f880f28841be60098205cbe59692c408b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
1739
cf-polished
degrade=85, origSize=71626, status=webp_bigger
content-length
48263
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 23:49:46 GMT
server
cloudflare
etag
"66299a9a-117ca"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff193804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Akhannouch-1.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/Akhannouch-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dff55fd41c5b204c888b997ee0a254ee2688045728ebb75c42f58d45c78943c4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
6860
cf-polished
degrade=85, origSize=77553, status=webp_bigger
content-length
54586
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 22:10:45 GMT
server
cloudflare
etag
"66298365-12ef1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff1a3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Akhannouch.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/Akhannouch.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bcde962ce23f4844a4d9da267f99adef7dbff14a20db76bba76182caea17e79

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
14306
cf-polished
qual=85, origFmt=jpeg, origSize=66033
content-disposition
inline; filename="Akhannouch.webp"
content-length
30108
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 20:12:23 GMT
server
cloudflare
etag
"662967a7-101f1"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff1b3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Marcs.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/Marcs.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8559d503864e002526bed6fcceae2af94e73559542a7abf81194502922a6c8f3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
20096
cf-polished
qual=85, origFmt=jpeg, origSize=78748
content-disposition
inline; filename="Marcs.webp"
content-length
40718
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 18:47:41 GMT
server
cloudflare
etag
"662953cd-1339c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff1c3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
manifestation-fonctionnaires-des-communes-1.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/manifestation-fonctionnaires-des-communes-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f853fedba6a22078106daa1d0083f22fbb4dcff7ab68c1ad3800fd6dd12e63f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
29928
cf-polished
degrade=85, origSize=178498, status=webp_bigger
content-length
103811
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 14:58:21 GMT
server
cloudflare
etag
"66291e0d-2b942"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff1e3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fes_sud.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/fes_sud.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
001ea21228a97dae98ec1543fc73f0bd94237c879767f2b8a62e4d909b045a55

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
3210
cf-polished
qual=85, origFmt=jpeg, origSize=39824
content-disposition
inline; filename="fes_sud.webp"
content-length
25944
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 11:48:00 GMT
server
cloudflare
etag
"6628f170-9b90"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff203804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ocp-siam.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/ocp-siam.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4285c8bb61c826b315d24e3fb59a21f2f8e7ebcee74b4f2562fa44339533e64

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
257
cf-polished
qual=85, origFmt=jpeg, origSize=126465
content-disposition
inline; filename="ocp-siam.webp"
content-length
84474
cf-bgj
imgq:85,h2pri
last-modified
Wed, 24 Apr 2024 00:48:05 GMT
server
cloudflare
etag
"662856c5-1ee01"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff213804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
said_dahmani.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/said_dahmani.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f25068245806d17504e859b618a39343828b737ced3e6da6d35915716e1908b3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
60809
cf-polished
qual=85, origFmt=jpeg, origSize=34909
content-disposition
inline; filename="said_dahmani.webp"
content-length
24266
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Apr 2024 15:07:42 GMT
server
cloudflare
etag
"6627cebe-885d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff223804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fz.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/fz.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fadd1ab6c76d3e82a9f071cb8906252ab2411b95efc087b547ca7ccbf8238d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
4906
cf-polished
qual=85, origFmt=jpeg, origSize=280112
content-disposition
inline; filename="fz.webp"
content-length
53504
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Apr 2024 18:05:03 GMT
server
cloudflare
etag
"66200f4f-44630"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff243804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
diaz-1.jpg
i1.hespress.com/wp-content/uploads/resize/200/2024/03/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2024/03/diaz-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9991517ace2a4c2072133843db6392482d94c5c06a05887795419e8d63a03d78

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
1820698
cf-polished
qual=85, origFmt=jpeg, origSize=14795
content-disposition
inline; filename="diaz-1.webp"
content-length
9194
cf-bgj
imgq:85,h2pri
last-modified
Sun, 24 Mar 2024 19:59:15 GMT
server
cloudflare
etag
"66008613-39cb"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff253804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mohamed-abdeljalil.jpg
i1.hespress.com/wp-content/uploads/resize/200/2022/07/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/resize/200/2022/07/mohamed-abdeljalil.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ed33577fd833171a4c6d165c757ad89ff3029304cb3e41ad5c689f12b799f5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
2693325
cf-polished
qual=85, origFmt=jpeg, origSize=12267
content-disposition
inline; filename="mohamed-abdeljalil.webp"
content-length
6504
cf-bgj
imgq:85,h2pri
last-modified
Tue, 12 Jul 2022 18:18:33 GMT
server
cloudflare
etag
"62cdbaf9-2feb"
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff273804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
arbitre.jpg
i1.hespress.com/wp-content/uploads/2022/08/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2022/08/arbitre.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfec0bc55364346c23c393f5b490e6ce4f86bd3473a0b20c7a6d306db3f57432

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
6111
cf-polished
qual=85, origFmt=jpeg, origSize=84504
content-disposition
inline; filename="arbitre.webp"
content-length
47082
cf-bgj
imgq:85,h2pri
last-modified
Fri, 26 Aug 2022 17:58:31 GMT
server
cloudflare
etag
"630909c7-14a18"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff283804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
chibi-pyramids.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/chibi-pyramids.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af61d8129a239ad6bdc1dc941d2964ef56659d46c7abecd60b92badd7213ff0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
6965
cf-polished
qual=85, origFmt=jpeg, origSize=92265
content-disposition
inline; filename="chibi-pyramids.webp"
content-length
54632
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Apr 2024 22:19:01 GMT
server
cloudflare
etag
"662833d5-16869"
vary
Accept
content-type
image/webp
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff293804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ocs-raja-1.jpg
i1.hespress.com/wp-content/uploads/2024/04/ 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.hespress.com/wp-content/uploads/2024/04/ocs-raja-1.jpg
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b701d28718db93eace3000b788edb2e07a52bb288a1df9eafcfe5ff39f52742c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
cf-cache-status
HIT
age
75136
cf-polished
degrade=85, origSize=152541, status=webp_bigger
content-length
98785
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Apr 2024 18:43:38 GMT
server
cloudflare
etag
"6628015a-253dd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*.hespress.com
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
879982efff2a3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
www.hespress.com/ 		111 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/?weather_and_prayer
Requested by
Host: i1.hespress.com
URL: https://i1.hespress.com/wp-content/themes/hespressar/js/script.min.js?ver=6.45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.13
Resource Hash
1ee56c1a5992a3828fd5ff4b1befc7341c64b447c72a4ac80b90920fc0199048

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.hespress.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
x-nginx-cache
HIT DE
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.13
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
879982f09f963804-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/ 		451 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2959030781573a3f5693994163754bfc66b764e3b3f04ede91efebf13468b685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:31:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
24848
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143980
x-xss-protection
0
server
cafe
etag
4584908892515675654
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 24 Apr 2025 15:31:42 GMT
js
www.googletagmanager.com/gtag/ 		289 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4fc9035e5cd15b82f9dee6faa87552a0c745b5494137a403e256e07662c8455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100282
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 22:25:50 GMT
destination
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-338591081&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53HHGG5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84594f16ed43a2b5211436e4fab2726d76fa781d7df654b77f8338c2c396c808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87336
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 22:25:50 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 22:25:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1294, tbw=2799, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
FVYaCmgEfrnm7F3fgOPdexJb9Et1mHCBGTvoIHgbb9Kb58HjlI7hPPnGyJdt4SJpZHSwmAEwN++QDY6gaCSaXw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		607 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=984800470702111&correlator=2825770978782253&eid=31079957%2C31079525&output=ldjh&gdfp_req=1&vrg=202404180101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Cbillboard_btf_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C970x250%7C728x90%7C940x230&ifi=1&didk=1711791774&sfv=1-0-40&sc=1&abxe=1&dt=1713997550294&lmt=1713997489&adxs=315&adys=686&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x16&msz=970x0&fws=4&ohw=1366&ga_vid=1734890023.1713997550&ga_sid=1713997550&ga_hid=1837536299&ga_fc=false&dlt=1713997549877&idt=392&adks=4098979368&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7208dbe3afb79c3d003978c6bd40e42effa7717e5e3864097ecf435e7ef5150e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
287
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 80C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Apr 2024 22:25:50 GMT
expires
Thu, 24 Apr 2025 22:25:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=984800470702111&correlator=2825770978782253&eid=31079957%2C31079525&output=ldjh&gdfp_req=1&vrg=202404180101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Cmega_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%7C728x90&fluid=height&ifi=2&didk=2462911251&sfv=1-0-40&sc=1&abxe=1&dt=1713997550302&lmt=1713997489&adxs=315&adys=135&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1366x0&msz=970x0&fws=4&ohw=1366&ga_vid=1734890023.1713997550&ga_sid=1713997550&ga_hid=1837536299&ga_fc=false&dlt=1713997549877&idt=392&adks=337753859&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2d48f02bf12df63c25b1bf4f7931acbd2e3663960502af755e427057c842cd8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13636
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ 		514 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=984800470702111&correlator=2825770978782253&eid=31079957%2C31079525&output=ldjh&gdfp_req=1&vrg=202404180101&ptt=17&impl=fif&ltd_cs=1&iu_parts=153418548%2Ccode_hespress&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=525783152&sfv=1-0-40&sc=1&abxe=1&dt=1713997550305&lmt=1713997489&adxs=1599&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fwww.hespress.com%2F&vis=1&psz=1600x6900&msz=1x-1&fws=0&ohw=0&ga_vid=1734890023.1713997550&ga_sid=1713997550&ga_hid=1837536299&ga_fc=false&dlt=1713997549877&idt=392&adks=432670791&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8d6b4dc72cba422edcff8fc0dd7ebb7161d948eb3656a6e416bd3238785fc00c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-P97QV0GBGK&gtm=45je44m0v869673765z878625843za200&_p=1713997550007&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1734890023.1713997550&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713997550&sct=1&seg=0&dl=https%3A%2F%2Fwww.hespress.com%2F&dt=Hespress%20-%20%D9%87%D8%B3%D8%A8%D8%B1%D9%8A%D8%B3%20%D8%AC%D8%B1%D9%8A%D8%AF%D8%A9%20%D8%A5%D9%84%D9%83%D8%AA%D8%B1%D9%88%D9%86%D9%8A%D8%A9%20%D9%85%D8%BA%D8%B1%D8%A8%D9%8A%D8%A9&en=page_view&_fv=1&_ss=2&tfd=594
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 22:25:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P97QV0GBGK&cid=1734890023.1713997550&gtm=45je44m0v869673765z878625843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P97QV0GBGK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 22:25:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hespress.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P97QV0GBGK&cid=1734890023.1713997550&gtm=45je44m0v869673765z878625843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1552716207
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 22:25:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
447079109144639
connect.facebook.net/signals/config/ 		65 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/447079109144639?v=2.9.154&r=stable&domain=www.hespress.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7832d670fcf6061a2135ba2040bb5e47f7ebecfece273c780bee46ddc35b8566
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 22:25:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13575
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=64, mss=1294, tbw=63247, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
iuJbBSc0TlyudtgYx5+M0R27+kL0SN3NFyw6sdEEEFSD222cQBAiofVWGVERrn3Uolboic1Zsm31EgPYLhv1BA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=447079109144639&ev=PageView&dl=https%3A%2F%2Fwww.hespress.com%2F&rl=&if=false&ts=1713997550404&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1713997550402.1618120644&cs_est=true&ler=empty&cdl=API_unavailable&it=1713997550366&coo=false&rqm=GET
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1294, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 22:25:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9d625e72c110b5d9146b17488a7098e02510ad4fc9b7d9ce11ec04e403a39110
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51916
x-xss-protection
0
server
cafe
etag
4318089183936792112
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 24 Apr 2024 22:25:50 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
314b20cc0033a9727c035223982e7f1e97826c9925b85c12e915d983fcd0b2ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12216
x-xss-protection
0
rum
www.hespress.com/cdn-cgi/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hespress.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.hespress.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
879982f2a91a3804-FRA
favicon.ico
i1.hespress.com/wp-content/themes/hespressar/icons/ 		868 B
983 B 		Other
General
Check archive.org
Download Go to
Full URL
https://i1.hespress.com/wp-content/themes/hespressar/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:16c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 11:19:45 GMT
server
cloudflare
age
2743860
etag
W/"5fa925d1-364"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
879982f2a91b3804-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 24 Apr 2024 22:25:50 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404220101/ 		412 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9809098668305457
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f1b3f000380917bdde7b4352d5e2eca974f6056ff8139159ffceb97926010389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142735
x-xss-protection
0
server
cafe
etag
8913713818298345679
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 24 Apr 2024 22:25:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9621 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.hespress.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
5933
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Apr 2024 20:46:57 GMT
expires
Thu, 24 Apr 2025 20:46:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-9809098668305457
fundingchoicesmessages.google.com/i/ 		181 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-9809098668305457?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9809098668305457&plah=www.hespress.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d75c23ec66cc75332574ea9825521d0e5783ce394a752281d9010bc7925d565e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-puXrvptv4DElPv4SwnvhSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-puXrvptv4DElPv4SwnvhSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP_nWctBWIhbo73vcs2sgmsWNwkDwDQ9iox"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX84uuveCQFeJaltxhujp2dDI2WrMVtu84KazRdZRWfikLKvRohvRCJz9TgBiL7RgmXXEpWMAjsRV8iTHxTgmyF_1Tgd4J7HIm741IDAsD1riSep4cBgFfNDdEc_d89Ag3ncvt_
fundingchoicesmessages.google.com/f/ 		421 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX84uuveCQFeJaltxhujp2dDI2WrMVtu84KazRdZRWfikLKvRohvRCJz9TgBiL7RgmXXEpWMAjsRV8iTHxTgmyF_1Tgd4J7HIm741IDAsD1riSep4cBgFfNDdEc_d89Ag3ncvt_?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzEzOTk3NTUxLDE1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuaGVzcHJlc3MuY29tLyIsbnVsbCxbWzgsIk1BQTJtMVg2TTQ0Il0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MAA2m1X6M44.es5.O/am=wA/d=1/rs=AJlcJMxNIiHUjm3_euSv5BF1upSSEX7FDQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f45f17bd452915b087fab3f918c99cf7f22b3c5d02f3bfa786c89b14d220e0f3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ySUWKx-L9e8lsVxvPEMOVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 22:25:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ySUWKx-L9e8lsVxvPEMOVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmJw0pBiOO90h-k6ENcyPGNqBWIDjedMFkAs8fUlkxYQxzyfzpoCxE7pM1hDgNinfgZrHBC33jzHOh2ITy44z3oRiJP-nWctAWIhbo73vcs2sgn8mPiqFgDQwist"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012404151833000/ Frame 9356 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404151833000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6af81412e294227525ca2a32da8ff2fa4ebf4fcffce958062fc31bd6d2100f69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Apr 2024 12:00:23 GMT
age
37528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56110
x-xss-protection
0
server
sffe
etag
"fd5385e79ab11b56"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Apr 2025 12:00:23 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012404151833000/v0/ Frame 9356 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404151833000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
081f145352b18f3e4b53581b125fca2b9b12f5e8d44cee9fe193b1102b79167f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Apr 2024 11:52:03 GMT
age
38028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5213
x-xss-protection
0
server
sffe
etag
"2b45ff7da6dbe3de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Apr 2025 11:52:03 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012404151833000/v0/ Frame 9356 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404151833000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
345621274bac11fb21cec5f1de1123c10ebaf1d2a205f1efc127c4d9fbb1d22b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Apr 2024 11:43:44 GMT
age
38527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29017
x-xss-protection
0
server
sffe
etag
"a9232ccfdc6ff126"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Apr 2025 11:43:44 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012404151833000/v0/ Frame 9356 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404151833000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a9f34ebfbf0d2f443842ae1678e0a6422a34542f8c976ee8a3bce78a057e09
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Apr 2024 11:47:35 GMT
age
38296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1918
x-xss-protection
0
server
sffe
etag
"1f4be879f393255e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Apr 2025 11:47:35 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012404151833000/v0/ Frame 9356 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012404151833000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
907f697d5f1cd9dc7364322b36206c1184f3867c5dc88c305c6006352a18e121
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Apr 2024 11:53:38 GMT
age
37933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12949
x-xss-protection
0
server
sffe
etag
"563f88892418945d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 24 Apr 2025 11:53:38 GMT
css
fonts.googleapis.com/ Frame 9356 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 22:25:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 20:51:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 22:25:51 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3852444371767153949/ Frame 9356 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3852444371767153949/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c5f6f937db7e3e787799230526f2daf567014c6caf59d14e09c399b2e965a46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 24 Apr 2025 12:30:24 GMT
date
Wed, 24 Apr 2024 12:30:24 GMT
x-content-type-options
nosniff
age
35727
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15669
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 03:12:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 9356 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccd361daa5032b081e552b1e9aca061b6c92b492ddd464e7eb63c30fe5ba9dab

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
ar.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 9356 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:47:36 GMT
x-content-type-options
nosniff
server
cafe
age
13095
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2737
x-xss-protection
0
expires
Thu, 25 Apr 2024 18:47:36 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 9356 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.hespress.com
URL: https://www.hespress.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 19:48:29 GMT
x-content-type-options
nosniff
server
cafe
age
9442
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 25 Apr 2024 19:48:29 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 9356 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 04:01:15 GMT
x-content-type-options
nosniff
age
152676
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 04:01:15 GMT
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MAA2m1X6M44.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzj2c8b4CkbkvECFVqICS7KaagnYw/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 22:25:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 22:25:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 22:25:51 GMT
uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
lh3.googleusercontent.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/uZSYBuYb8cYiZnokcvoUlGm6fxLRJJ5r4V1fJ2vG6dH6X-O7FVeIT9iLZH3z3K7jLOI3-0ORxT7AHfmphJk4H1lKc0-UOOV5dDFh4zHKfsrnwBmP3s0=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:43:21 GMT
x-content-type-options
nosniff
age
13350
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5847
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 25 Apr 2024 18:43:21 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
430795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:45:56 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 19:45:43 GMT
x-content-type-options
nosniff
age
182408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 19:45:43 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Origin
https://www.hespress.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 19 Apr 2024 22:45:56 GMT
x-content-type-options
nosniff
age
430795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Apr 2025 22:45:56 GMT
AGSKWxW1lX1NLbiVQvglwT2zSwJtcQ04Szjol8W5FOHGHKjJzYbkzkMq5YD1ARvChL09IiLeH1aZ7-oGOIKV-7XzOy2wtdUeUMgl3aXDUJuvltUw7fugkoxPFD_GNCGg2EKwUknvlCeR
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW1lX1NLbiVQvglwT2zSwJtcQ04Szjol8W5FOHGHKjJzYbkzkMq5YD1ARvChL09IiLeH1aZ7-oGOIKV-7XzOy2wtdUeUMgl3aXDUJuvltUw7fugkoxPFD_GNCGg2EKwUknvlCeR
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.MAA2m1X6M44.es5.O/am=wA/d=1/rs=AJlcJMxNIiHUjm3_euSv5BF1upSSEX7FDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-d5QROZF1PCmJzaMmmxkwNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 24 Apr 2024 22:25:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-d5QROZF1PCmJzaMmmxkwNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0pBiqGV4xtQKxE7pM1hDgFiIh-N977KNbAIr2nofMgIAxY8MGQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hespress.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
pagead2.googlesyndication.com/pagead/ Frame 9356 		0
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9356 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssP6Re9090jY0avoHkRB3O0REfnhq5QEnQ7GZ-hAuCoGHdGblRDedLdf-mK1D1kFnCDkx4jnWryx3sdi9g35O7w5A6Z9S4c96h0RJZq5rcDE9pV33ftyy7SPajab-9f0nAM-3e7BqDoT85nCrGFvYRdeu8OCx8VU5UazzuF4UM&sig=Cg0ArKJSzFR29ReuGbzgEAE&id=ampim&o=117,134&d=1366,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=285&tls=1285&g=99.92499947547913&h=99.92499947547913&tt=1285&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=124.0.6367.60&uab=64&uafvl=%5B%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124.0.6367.60%22%7D%2C%7B%22brand%22%3A%22Not-A.Brand%22%2C%22version%22%3A%2299.0.0.0%22%7D%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.hespress.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 22:25:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CcEKj7oYpZoicLrv01PIP9ZK4gAKIr4PUduSTpuiaEmQQASChm-0xYJX68IGMB6ABw_vKoCjIAQmpAqGDRW9GBrI-4AIAqAMByAMKqgS2Ak_QdefsOEZgY115n-o5Qx8Ip6r2Hk_Skbv4fLunkTKaWJzpSfxgciVjUVF9dwKDDhhf9W498yZHnRLGbQTuqZoBJrGBX0b3qhtLxv5GcrEZMJ00uYccz6Y6qQPd48kphJB_D1N41E0UceQjoMNJ_yHXCQbF3WWOSHCm5yTLKYIyl3lThodFKC273hDZYwMhMWHdNrXysB9qxspAa3Hu7Ge7_EioU-JqCZx9C8jP0axgY-plo0oBtNy5RDQjialfvUXObslPyrR0-SX31DKNlLxtNH1kw3eVMY0_1shjSxoJ-HIl2izEW89sXhw4a1cVfGoBDNlWvA0m-pyF0pv7e5uwkVv6xRc2oL5ipneCa2oCqtqKyiWcr6xlbcsjMI_8VGuTaeQJ4L3BFe9HfrafvT1kJHrPAuzABJPk-ITUBOAEAYgF08Te4E6SBQQIBBgBkgUECAUYBKAGLoAHw7ObgAOoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAPIHBBC5uA7SCCoIkeGAcBABGB0yB-uLgOC_gA06CACAgICAgJQoSL39wTpYutiLufLbhQOaCeABaHR0cHM6Ly93d3cuaG9ybW9udGhlcmFwaWUtd2VjaHNlbGphaHJlLmRlL3N5bXB0b21lLXdlY2hzZWxqYWhyZS9zY2hlaWRlbnRyb2NrZW5oZWl0L2dhbGVyaWUtZGFzLWhpbGZ0LWJlaS1zY2hlaWRlbnRyb2NrZW5oZWl0LTEzLXRpcHBzLWlkMTQ2ODcwLmh0bWw_dXRtX3NvdXJjZT1nb29nbGVfYWRzJnV0bV9jYW1wYWlnbj1zY2hlaWRlbnRyb2NrZW5oZWl0JnV0bV9jb250ZW50PWdhbGVyaWWACgPICwHiDRMI_4WMufLbhQMVOzpVCB11CQ4g2BMKiBQB0BUBmBYBgBcBshceChwIABIUcHViLTk4MDkwOTg2NjgzMDU0NTcYtKgdshgJEgLTaxguIgEA&sigh=D-ghNdviUr8&uach_m=%5B%5D&ase=2&nis=5&template_id=5000&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404180101&jk=984800470702111&bg=!cXKlcj3NAAZ55ZTXWeU7ADQBe5WfOGdegg5RWvqtBqBeafoCOZzrBGjwhy3GBlTuNs6eYhTjTVY8mEYk-Xb7x0j4PcbwAgAAACtSAAAAAmgBB34ANeL64b6N0yIykpGCd6XVE1Ad6pM_UHv5-6UyR54ftivCsHeVEFUCTD_ohMZo3E7FVdYeC-IKmQKrXNhIbVZJyd8GcERf_AI92urIz44gVPijaP9ZM5e8ZmQ9nvVvwKwd8aYeZbicVqvCZ-jKcQ3U2idlkxInlZvTQJsBHUFYWUEuJtpQT9y-l89DJRgUpu69AuFbQ2RXhg_VyOywFG35KelvOZitqyHbIFbZGOvyD1M_7NAuUt5822ZGLFcusv36gbGVpqz02QQYjVlcqmC-f9hGv836Ubt4zTRembqWLSXlSqpcEObI5c3fUnMDrf3DkLxIjV27tPcDEyfPkc42eu7r5T1M-rIcY8bIGD-AnallGMNAD2h-IWUbWo-jWg-xQWI7SExHkSZoAWD-eK7RqODeJJ2W27rv_Ebpcg5-L5XhxKik4IqMMAtJJF6qtQJnTb0fnMwFoFUVohtkwq3nfu5UmPHrkdFcuaOsEkwBHlQQKDd8GS4bTIDlM94WZ-o6I8pThGb8gA9d8pYfeUIobF39fOVsJHPZYBdSdAjRY0F-wGmEyYgqIjVjHyYkw4PXvhyNE27nmns4WRFlZiWySp4SFvXh_66fv2rNxpBaUO-baMUXjk_FWyPrF8n7GFP0Nu13pZHJKBiZMNh0vhuI0OnpRXYXtiwVYMKFSr7sisFVQiKqEoycIv3-xQgyq3nQgOn8YP960xZR34AMilZVs3pRzbu2Cqe6CieaV6EEkIfwZgqYjUMKAhPWunvvyafRjVfGYHq7sdeWkIcbB9s_d2P6yOFFEwPtA0w6rMQ5q5QrPVyEHS9bLnuSnngM7bbLUnGYVM3cDX2TAHIzWoGEoJecYJANmuCedLrM6fBz83wUjL4S9e7Em3KrQH_7SntLQ2M0lOFvA1ilDwdOUaMSWHjXUqLaFpBK31FEWXQC4nAHYdVmlsHpc0Kx45JoueU4gfxSfXJq7nRoHPNtymT_P4gQzRY

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| refreshAds object| googletag object| dataLayer object| TWAGORAINARTICLE object| firebase object| config function| downloadAdsenseAtOnload object| notificationApp string| popover_message string| popover_accept_text string| popover_reject_text string| popover_icon_path object| comment_lang string| copyLink string| newsletterApiId object| notificationConf object| hespress object| __cfBeacon object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| fbq function| _fbq function| iFrameResize object| ProjectAgora boolean| google_measure_js_timing number| google_unique_id object| gaGlobal function| onYouTubeIframeAPIReady object| GoogleGcLKhOms number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MjMwNTFjMGNmN2I5NGU4bG9hZGVyX2pz string| MjMwNTFjMGNmN2I5NGU4Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

5 Cookies

Domain/Path Name / Value
.hespress.com/ Name: _gcl_au
Value: 1.1.858692747.1713997550
.hespress.com/ Name: _ga
Value: GA1.1.1734890023.1713997550
.hespress.com/ Name: _fbp
Value: fb.1.1713997550402.1618120644
.hespress.com/ Name: _ga_P97QV0GBGK
Value: GS1.1.1713997550.1.0.1713997551.59.0.0
.hespress.com/ Name: __eoi
Value: ID=d6084b940cdba670:T=1713997550:RT=1713997550:S=AA-AfjbxV9uYxG4cQDfBy4PfkFza

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/447079109144639?v=2.9.154&r=stable&domain=www.hespress.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a1472118a9a0726ab31dcdf9813eefd.safeframe.googlesyndication.com
cdn.ampproject.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
i1.hespress.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
pahter.tech
palibzh.tech
region1.analytics.google.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.hespress.com
pagead2.googlesyndication.com
142.250.181.226
142.250.186.35
172.67.138.21
172.67.181.58
2001:4860:4802:32::36
216.58.206.46
2606:4700::6810:5049
2606:4700::6812:16c4
2606:4700::6812:17c4
2a00:1450:4001:800::2003
2a00:1450:4001:806::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
001ea21228a97dae98ec1543fc73f0bd94237c879767f2b8a62e4d909b045a55
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
0388be3d9310493c9bc460961c10069f880f28841be60098205cbe59692c408b
081f145352b18f3e4b53581b125fca2b9b12f5e8d44cee9fe193b1102b79167f
09d204b56b57565e32c86cb5795dd83717bd5b291610e4b2c6040d4f244660b0
0c2234d9a049a921c0543bfb1ea4bc1dfa3b14fbd62c6c23d1b25ba02116bc5f
0e8bf73203dc15da72b661e3eb0d9016bdc6ef57dda7ce5f1605d2734d0f532e
16a9f34ebfbf0d2f443842ae1678e0a6422a34542f8c976ee8a3bce78a057e09
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1c1e5075b14343f8c0d6c6192854d511fe5aa47ea6f2280b5c9b69537ea57d98
1ee56c1a5992a3828fd5ff4b1befc7341c64b447c72a4ac80b90920fc0199048
23bc8431c5bb68cb2a6ad44caaf38b15adde8fd37db37b20ecd64ecd7206e808
2959030781573a3f5693994163754bfc66b764e3b3f04ede91efebf13468b685
2d48f02bf12df63c25b1bf4f7931acbd2e3663960502af755e427057c842cd8b
314b20cc0033a9727c035223982e7f1e97826c9925b85c12e915d983fcd0b2ff
345621274bac11fb21cec5f1de1123c10ebaf1d2a205f1efc127c4d9fbb1d22b
37ad41ec8e23b468c0fced8227cca7b492d42213fc1050643e3a3237198b01a0
3bcde962ce23f4844a4d9da267f99adef7dbff14a20db76bba76182caea17e79
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4af61d8129a239ad6bdc1dc941d2964ef56659d46c7abecd60b92badd7213ff0
50234c17da00532efe5b3ac851c3caad75825978dd9e483179224217e886b952
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53e9e9f48959d9024706b99327538430cebd91cc9c6390cbb10fd55e24722c62
5a1b1fff7df671390f521b78ffc9326ea921bc29dc1f1a2637f17367796726da
5c5f6f937db7e3e787799230526f2daf567014c6caf59d14e09c399b2e965a46
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645a02525da989b87ed9b20c6a8b96203f5ae04c36edf1870042e9c7bc708497
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67eae977dfd735cd6115cf887330a651186fddd24374d8dc0ad8bb4d3bb7df2d
6af81412e294227525ca2a32da8ff2fa4ebf4fcffce958062fc31bd6d2100f69
7208dbe3afb79c3d003978c6bd40e42effa7717e5e3864097ecf435e7ef5150e
7832d670fcf6061a2135ba2040bb5e47f7ebecfece273c780bee46ddc35b8566
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84594f16ed43a2b5211436e4fab2726d76fa781d7df654b77f8338c2c396c808
84676ab077cd41bb0b2463391192f00d3ce69bb0daeade0ab1d90478f57738e6
8559d503864e002526bed6fcceae2af94e73559542a7abf81194502922a6c8f3
891f2635dd85b8f10533f27a0ac001d327dbc8cf675fdaa5857656edc4cf9c91
8967b7001746faad867c762395286dc46dcd6ec675fe5fec13beea0e7285a13f
8d6b4dc72cba422edcff8fc0dd7ebb7161d948eb3656a6e416bd3238785fc00c
8dcf279d9a554d4e7c507724e2abd39d2b172cf720bd1b368354838a73d9852a
8e494f1321a6b31f3f2c5b67d5ed2242260adae69ac403bf87daba0aa6f0d9cf
907f697d5f1cd9dc7364322b36206c1184f3867c5dc88c305c6006352a18e121
98d0809f390b63756f51992086225189efd205a95dda208c0dd839a8fd95d5f2
99588fba588fd2750956dba5c6e451cffddc89d9628caeee30672f5d139174f1
9991517ace2a4c2072133843db6392482d94c5c06a05887795419e8d63a03d78
9d625e72c110b5d9146b17488a7098e02510ad4fc9b7d9ce11ec04e403a39110
a4fc9035e5cd15b82f9dee6faa87552a0c745b5494137a403e256e07662c8455
a5771250d86d1a42b7a139f5fa12b1f90dcf7377491d40b47f9fc07413c90ddb
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
ae06cf0e7b2dd7e9a52608bf81dcf7679267d5a07b73634d3d9ceb22faf3b8c2
b25fcefbd07fcf43a381610564b69758bd6e6c844d0c6f7b2ee6c5d7310154f5
b653ec3521af77485257429efb1307ca275192b219cfcf56fa617ec76f874cf6
b6ed33577fd833171a4c6d165c757ad89ff3029304cb3e41ad5c689f12b799f5
b701d28718db93eace3000b788edb2e07a52bb288a1df9eafcfe5ff39f52742c
b9c314325cb2687cf946af761b7603006696722296df95c89f8772b13e6a093a
ba83384cdabc58cc3e499776585707f74b62189f7e54502a997dca1fb2617933
bd0cb26dde22fc23660670ee1395afa161cf48441759a319264de3d8b35ac7b6
c1fadd1ab6c76d3e82a9f071cb8906252ab2411b95efc087b547ca7ccbf8238d
c815bac571295deed8ce54bf938599169fd1378ceb0c6f080a3522b48ccbfbc8
ccd361daa5032b081e552b1e9aca061b6c92b492ddd464e7eb63c30fe5ba9dab
cfec0bc55364346c23c393f5b490e6ce4f86bd3473a0b20c7a6d306db3f57432
d0e53c1e21636179b4f324196818888ebcbcbac5e251f603e7dec35b06e7f0d7
d75c23ec66cc75332574ea9825521d0e5783ce394a752281d9010bc7925d565e
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
dff55fd41c5b204c888b997ee0a254ee2688045728ebb75c42f58d45c78943c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4285c8bb61c826b315d24e3fb59a21f2f8e7ebcee74b4f2562fa44339533e64
e4a22966f8553cf803759c1a3d324a68339f11a9ce2aaefeff03f3f39c8fda3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b3f000380917bdde7b4352d5e2eca974f6056ff8139159ffceb97926010389
f25068245806d17504e859b618a39343828b737ced3e6da6d35915716e1908b3
f45f17bd452915b087fab3f918c99cf7f22b3c5d02f3bfa786c89b14d220e0f3
f853fedba6a22078106daa1d0083f22fbb4dcff7ab68c1ad3800fd6dd12e63f1
f8e3bd693d9907360127ab2d95c920ed35e4c5bb185c83e725604baa22339e17